CVE-2002-1139

The CVE-2002-1139 issue affects Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP under the Compressed Folders feature. The root cause is that the destination folder is not properly validated during ZIP decompression, allowing an attacker to place an executable in a known location ...

Gadu-Gadu 6.0 - File Download Filename Obfuscation

Gadu-Gadu 6.0 - File Download Filename Obfuscation source: https://www.securityfocus.com/bid/11017/info Gadu-Gadu is a Polish instant messaging application for Microsoft Windows operating systems. It is reported that the Gadu-Gadu instant messenger application contains a weakness allowing attacke...

Netwin WebNews Webnews.exe Remote Overflow

Binary data 1716.prm...

PDGSoft Shopping Cart changepw.exe Remote Overflow

Binary data 1629.prm...

Linux Service Modification Service Start (via Splunk): systemd (executable .service file)

Binary data 710044.prm...

Trend Micro Virus Buster cgiWebupdate.exe Arbitrary File Access

Binary data 1627.prm...

SMTP Server Inbound .exe Attachment Detection

Binary data 1173.prm...

Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun

source: https://www.securityfocus.com/bid/10915/info It is reported that BlackICE PC Protection is prone to a local buffer overrun when handling excessive input in certain configuration directives parsed from the firewall.ini file included with the software. It is reported that when the system is...

CVE-2004-0213

Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context...

Mandrake Linux Security Advisory : gnupg (MDKSA-2001:053-1)

A format string vulnerability exists in gnupg 1.0.5 and previous versions which is fixed in 1.0.6. This vulnerability can be used to invoke shell commands with privileges of the currently logged-in user. Update : The /usr/bin/gpg executable was installed setuid root and setgid root. While being...

Norton AntiVirus DoS

Programs hangs with 100 on malcrafted executable file...

UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit

Exploit for unix platform in category local exploits ========================================================= UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit ========================================================= / Exploit for /bin/mkdir Unix V7 PDP-11. mkdir has a buffer overflow...

vpasp5x.txt

VP-ASP Shopping Cart Multiple Vulnerabilities Release Date: June 14, 2004 Severity: High Vendor: Virtual Programming Software: VP-ASP Shopping Cart Version 5.x Remote: Remotely executable Vulnerabilities: Cross Site Scripting SQL Injection Technical Details: Cross Site Scripting Vulnerability was...

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods...

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method

source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result i...

[Full-Disclosure] VP-ASP Shopping Cart Multiple Vulnerabilities

VP-ASP Shopping Cart Multiple Vulnerabilities Release Date: June 14, 2004 Severity: High Vendor: Virtual Programming Software: VP-ASP Shopping Cart Version 5.x Remote: Remotely executable Vulnerabilities: Cross Site Scripting SQL Injection Technical Details: Cross Site Scripting Vulnerability was...

CVE-2004-0503

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format RTF message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to...

IBM EGatherer 2.0 - ActiveX Control Dangerous Method

IBM EGatherer 2.0 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10562/info It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods ma...

IBM EGatherer 2.0 - ActiveX Control Dangerous Method

source: https://www.securityfocus.com/bid/10562/info It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result i...

Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass

Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass source: https://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit...