Code injection
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module...
CentOS Update for firefox CESA-2008:0549 centos3 i386
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2008:0549 centos3 i386 Authors: System Generated Check Copyright: Copyright (C) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for xorg-x11 CESA-2008:0503 centos4 i386
Check for the Version of xorg-x11 OpenVAS Vulnerability Test CentOS Update for xorg-x11 CESA-2008:0503 centos4 i386
CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 i386
Check for the Version of XFree86-100dpi-fonts OpenVAS Vulnerability Test CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 i386
CentOS Update for XFree86 CESA-2008:0512-01 centos2 i386
Check for the Version of XFree86 OpenVAS Vulnerability Test CentOS Update for XFree86 CESA-2008:0512-01 centos2 i386
Mandrake Security Advisory MDVSA-2009:043 (gnumeric)
The remote host is missing an update to gnumeric announced via advisory MDVSA-2009:043. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Stack overflow
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained...
CVE-2009-0569
Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows remote attackers to execute arbitrary code via a mail message with a crafted return receipt request...
CVE-2009-0139
Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow...
Memory corruption
Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption...
CVE-2009-0020
Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption...
CVE-2009-0544
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length...
Buffer overflow
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length...
Remote file inclusion
PHP remote file inclusion vulnerability in examples/exampleclientsidejavascript.php in patForms, as used in Sourdough 0.3.5, allows remote attackers to execute arbitrary PHP code via a URL in the neededFilespatForms parameter...
CVE-2008-6071
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from...
CVE-2009-0490
Stack-based buffer overflow in the Stringparse::getnonspacequoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string...
CVE-2009-0441
PHP remote file inclusion vulnerability in skinshop/standard/2viewbody/bodydefault.php in TECHNOTE 7.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the shopthisskinpath parameter, a different vector than CVE-2008-4138...
CVE-2009-0388
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the a...