Downloading executables with "Save Image As..." — Mozilla

By layering a transparent image link to an executable on top of a visible and presumably desirable image a malicious site might be able to convince some visitors to right-click and choose "Save image as..." from the context menu and fool them by giving them the executable instead. When the users...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

Code injection

Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs such as 1 tmntsrv.exe and 2 tmproxy.exe...

PT-2006-2390 · Trend Micro · Trend Micro Officescan

Name of the Vulnerable Software and Affected Versions: Trend Micro OfficeScan versions prior to 6.5 Description: The issue allows local users to gain SYSTEM privileges by modifying the tmlisten.exe file due to insecure DACLs used for critical files. Recommendations: For versions prior to 6.5,...

Multiple Firebird vulnerabilities

Few executable files are installed suid firebird, one of them has buffer overflow...

Fedora Core 4 : kernel-2.6.15-1.1833_FC4 (2006-131)

This update rebases to the latest -stable release 2.6.15.5, which fixes a number of security problems. - sysmbind failed to sanity check its arguments, leading to a potential local DoS. - A specially crafted ELF executable could cause Intel EM64T boxes to crash. CVE-2006-0741 - Normal users could...

Hauri Virobot antivirus privilege esalation

Local user can obtain unrestricted access with suid CGI executable...

CVE-2006-0787

wimpytrackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and earlier, allows remote attackers to insert arbitrary strings into trackme.txt via the 1 trackFile, 2 trackArtist, and 3 trackTitle parameters, which can result in providing false information about songs, occupying excessive disk spa...

CVE-2006-0787

wimpytrackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and earlier, allows remote attackers to insert arbitrary strings into trackme.txt via the 1 trackFile, 2 trackArtist, and 3 trackTitle parameters, which can result in providing false information about songs, occupying excessive disk spa...

Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability

Description The Microsoft Windows Media Player plugin for non-Microsoft browsers is prone to a buffer-overflow vulnerability. The application fails to do proper boundary checks on user-supplied data before using it in a finite-sized buffer. An attacker can exploit this issue to execute arbitrary...

[Full-disclosure] [USN-245-1] KDE library vulnerability

=========================================================== Ubuntu Security Notice USN-245-1 January 20, 2006 kdelibs vulnerability CVE-2006-0019 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Hoary Hedgehoga Ubuntu...

Ubuntu 4.10 / 5.04 : binutils vulnerability (USN-136-1)

Tavis Ormandy found an integer overflow in the Binary File Descriptor BFD parser in the GNU debugger. The same vulnerable code is also present in binutils. By tricking an user into processing a specially crafted executable with the binutils tools strings, objdump, nm, readelf, etc., an attacker...

eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)

No description provided by source. !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote "estara softphone" exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060 Lets face it, most user...

Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/.PICT' File Buffer Overflow

source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. An attacker may be able to exploit this issue to...

clamav -- possible heap overflow in the UPX code

The Zero Day Initiative reports: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Clam AntiVirus installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within libclamav/upx.c during the unpacking of executable files...

DiscusWare Discus 3.10 - Error Message Cross-Site Scripting

source: https://www.securityfocus.com/bid/16119/info DiscusWare Discus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...