5353 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in chreadalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the readxmlinclude parameter...
CVE-2008-1944
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of message...
CVE-2008-2145
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog...
CVE-2008-2144
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors...
CVE-2008-1801
Integer underflow in the isorecvmsg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field...
CVE-2003-1558
Vulnerability: CVE-2003-1558 affects fnord 1.6, specifically the httpd.c do_cgi function. The issue is a buffer overflow caused by a long CGI request. Impact: Remote attackers can cause a denial of service (crash) and may potentially execute arbitrary code. Details: Described as a buffer overflow...
Buffer overflow
Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI...
CVE-2008-2069
CVE-2008-2069 affects Novell GroupWise 7, where a buffer overflow in the mailto: URI handler allows remote attackers to cause a denial of service or execute arbitrary code. The vulnerability is triggered by a long argument in a mailto: URI, with public references noting exploitation in exploit pa...
CVE-2008-2043
Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3)...
CVE-2008-2040
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password...
CVE-2008-2010
Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a...
vlc-format.txt
Epibite. Advisory from Luigi Auriemma, CVE-2007-6682: format string in VideoLAN VLC 0.8.6d. Description: Format string vulnerability in the httpdFileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary cod...
Input validation
startkdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause startkdeinit to send SIGUSR1 signals to other processes...
Stack overflow
Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns...
CVE-2008-1973
Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file...
Heap overflow
Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file...
CVE-2008-1959
Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...
Stack overflow
Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...
SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)
Specially crafted png files could overwrite arbitrary memory. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-1382...
Input validation
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper...