CVE-2006-7067
Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE: this issue was originally disputed by a third party, but the dispute was retracted. NOTE: this iss...
SUSE-SA:2006:053: flash-player
The remote host is missing the patch for the advisory SUSE-SA:2006:053 flash-player. Multiple input validation errors have been identified in the Macromedia Flash Player that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered...
axigen 1.2.6 - 2.0.0b1 DoS (x86-lnx)
No description provided by source. / doaxigen.c axigen 1.2.6 - 2.0.0b1 DoS x86-lnx by mu-b - Sat Oct 22 2006 - Tested on: AXIGEN 1.2.6 lnx AXIGEN 2.0.0b1 lnx 0x08088054: parsing error results in DoS little-endian, confirmed DoS + off-by-one heap smash big-endian Note: if you receive a SIGPIPE the...
CVE-2007-0419
The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage)...
FreeBSD : joomla -- multiple remote vulnerabilities (7bb127c1-a5aa-11db-9ddc-0011098b2f36)
Secunia reports : Some vulnerabilities have been reported in Joomla!, where some have unknown impacts and one can be exploited by malicious people to conduct cross-site scripting attacks. - Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This...
DEBIAN-CVE-2007-0254
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors...
Firewall: a nearly successful violent social engineering attack - vulnerability warning - the black bar safety net
I am rather behind the times, and often watch a movie only long after its buzz has passed, as with Firewall. Because it involves one's own bank, I had a very high interest in this movie and watched the whole thing quite carefully. After watching it I not only lamented, this is how...
CVE-2007-0124
Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist...
Code injection
Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist...
DEBIAN-CVE-2007-0109
wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks...
Drupal core - Denial of service
The way page caching was implemented allows a denial of service attack. An attacker has to have the ability to post content on the site. He or she would then be able to poison the page cache, so that it returns cached 404 page not found errors for existing pages. If the page cache is not enabled,...
On simple database intrusion and rogue damage - vulnerability warning - the black bar safety net
Many news, BBS and e-commerce sites at home and abroad are built with ASP+SQL, and many of the programmers who write ASP have only just graduated, so the success rate of ASP+SQL attacks is relatively high. This type of attack has little to do with the NT version or the SQL version; there is no...
joomla -- multiple remote vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Joomla!, where some have unknown impacts and one can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can...
[Full-disclosure] Coolplayer buffer overflow vulnerabilities
Affected software: Coolplayer coolplayer.sourceforge.net Versions: = 215 Discovered by: Mehdi Oudad and Kevin Fernandez, zone-h.fr The coolplayer authors have been mailed through contact at/ daansystems. com on November 15 2005 but we never got any reply. On November 30 2006 they published a new...
GLSA-200612-04 : ModPlug: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200612-04 ModPlug: Multiple buffer overflows Luigi Auriemma has reported various boundary errors in loadit.cpp and a boundary error in the 'CSoundFile::ReadSample' function in sndfile.cpp. Impact : A remote attacker can entice a...
ModPlug: Multiple buffer overflows
Background ModPlug is a library for playing MOD-like music. Description Luigi Auriemma has reported various boundary errors in loadit.cpp and a boundary error in the "CSoundFile::ReadSample" function in sndfile.cpp. Impact A remote attacker can entice a user to read crafted modules or ITP files,...
CVE-2006-6309
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855...
CVE-2006-6309
CVE-2006-6309 describes multiple array/index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4. A remote attacker could read arbitrary memory locations and trigger a denial of service (crash) via a large index value in unspecified messages. This vulnerability is disti...
CVE-2006-6282
members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if display_errors is enabled, but due to lack of details, even this is not clear...