CVE-2007-3021

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition SAV CE 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrary code outside of a restricted environment, which may...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

GDB 6.6 - ProcessCoffSymbol UPX File Buffer Overflow source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrar...

SOL6919 - Cross-site scripting vulnerability in my.activation.php3 CVE-2007-3097

A cross-site scripting XSS vulnerability exists in the FirePass my.activation.php3 logon page.The affected FirePass logon URL fails to fully sanitize certain URL arguments before the requested web page content is returned to the browser. It is possible for an attacker to create web pages, emails ...

SOL6804 - ClamAV Portable Executable heap overflow Vulnerability - CVE-2006-4182

The FirePass controller provides anti-virus scanning of files uploaded through Portal Access from the ClamAV open source software . Scanning is enabled by selecting the Enable Standalone Virus Scanner option button on the Antivirus tab of the Portal Access: Content Inspection page. A vulnerabilit...

Debian DSA-1287-1 : ldap-account-manager - multiple vulnerabilities

Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 sarge. - CVE-2006-7191 An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PA...

real-dos.txt

!/usr/bin/python Real player 10 Gold .Ra file remote Dos. Credits to n00b for finding this bug This bug is a nasty memory leak with in Real player 10 gold please remember if your guna test it out save all your info you need first..Coz your probly guna have to reboot also remember all other...

Code injection

Direct static code injection vulnerability in admin/save.php in Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed...

MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)

No description provided by source. / version 0.5 Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow For Hardware DEP XP SP2 CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take...

CVE-2007-1658

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a 1 local file or 2 UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using...

Code injection

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a 1 local file or 2 UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using...

EUVD-2007-1546

Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension...

CVE-2006-7134

Unrestricted file upload vulnerability in mainuser.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

Kaspersky Antivirus DoS

Infinite loop on unpacking UPX-packed executable file...

Data URLs with executables and misleading download dialog – Opera Security Advisories

Data URLs with executables and misleading download dialog – Opera Security Advisories OPCOM Team | February 9, 2007 Severity: Moderate Summary A data URL RCF 2397 containing an executable file maycause Opera to mislead the user. Opera’s download dialogwill in some cases say “Open with NOTEPAD.EXE...

Vulnerability in Opera’s use of kfmclient – Opera Security Advisories

Vulnerability in Opera’s use of kfmclient – Opera Security Advisories OPCOM Team | February 9, 2007 Severity: Moderate Since version 7.50, Opera for Linux has offered theuser a new way to open files which Opera can not openitself: “Open with kfmclient”. This feature can beexploited to run malicio...

Buffer overflow

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

CVE-2007-0851

CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...

CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

CVE-2007-0819

HP Network Node Manager NNM Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the H...