CVE-2007-4913

ipskernel/classupload.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...

Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

VISIT ORIGINAL ADVISORY FOR MORE DETAILS http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-upload-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/ ——-Summary—— Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote...

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...

Checkpoint ZoneAlarm multiple privilege escalations

Vsdatant.sys driver multiple IOCTLs buffer overflows. Weak permissions for executable files...

Baidu Soba ActiveX code execution

Unsafe function allows to download and execute executable file...

Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)

Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...

[Full-disclosure] CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability

CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...

Not dead shellcode-exploit warning-the black bar safety net

HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...

Internet Explorer drag-n-drop vulnerability

By using javaasript in conjunction with shell:startup it's possible to place executable into startup folder if user drags an object on the page or scrolls the page...

Symantec Mail Security for SMTP libdayzero.dll Executable Parsing DoS

Symantec Mail Security for SMTP, which provides antispam and antivirus protection for the IIS SMTP Service, is installed on the remote Windows host. The version of Symantec Mail Security for SMTP installed on the remote host contains boundary errors in its detection of executable packers in...

Symantec Mail Security for SMTP可执行程序附件解析拒绝服务漏洞

BUGTRAQ ID: 24625 CVECAN ID: CVE-2007-1792 Symantec Mail Security for SMTP是用于扫描邮件的反垃圾邮件、杀毒和内容过滤软件包。 Mail Security的SMS Filter Hub服务没有正确地解析邮件附件中的可执行程序，如果攻击者发送了恶意邮件的话就可能导致无法处理的访问破坏，服务会周期性的拒绝邮件。 Symantec Mail Security for SMTP 5.0.1 Symantec Mail Security for SMTP 5.0 Symantec Mail Security Appliance...

Openedge _mprosrv buffer overflow

There is a potential for a buffer overflow in the database executable mprosrv while reading a TCP/IP message that is incorrectly formatted. To avoid this problem, additional checking has been added to the mprosrv executable that will prevent incorrectly formatted messages from causing buffer...

Code injection

libdayzero.dll in the Filter Hub Service filter-hub.exe in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service crash via a crafted executable attachment in an e-mail, involving the detection of...

CVE-2007-1792

libdayzero.dll in the Filter Hub Service filter-hub.exe in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service crash via a crafted executable attachment in an e-mail, involving the detection of...

Symantec Mail Security for SMTP Executable Attachment Parsing Denial of Service

SUMMARY A denial of service has been discovered in Symantec Mail Security for SMTP when parsing Executable Attachments. Risk Impact Low Remote Access | Yes ---|--- Local Access | No Authentication Required | No Exploit publicly available | No AFFECTED PRODUCTS Products | Versions | Solution...

Stack overflow

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

CVE-2007-3314

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

CVE-2007-3314

CVE-2007-3314 describes a stack-based overflow in Altap Servant Salamander 2.5 (peviewer.spl) and related PE Viewer components that can be triggered by a crafted PE file, allowing a remote attacker to execute arbitrary code. The vulnerability is caused by processing a long PDB debug filename and ...

CentOS 3 : gdb (CESA-2007:0469)

An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a...