Microsoft SMBv2 signing vulnerability

Overview A vulnerability in the way Microsoft Server Message Block Version 2 SMBv2 implements digital signing of packets may allow a remote, unauthenticated attacker to gain local user privileges and execute arbitrary code. Description Microsoft Server Message Block SMB Protocol is a network file...

Remote file inclusion

PHP remote file inclusion vulnerability in userspopupL.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the From parameter...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

openSUSE 10 Security Update : glib2 (glib2-4768)

Glib2 contains a copy of the pcre library. Specially crafted regular expressions could lead to a buffer overflow in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code...

CVE-2007-6238

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organizati...

CVE-2007-6189

A certain ActiveX control in 1 OScan8.ocx and 2 Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leadi...

CVE-2007-6165

Mail in Apple Mac OS X Leopard 10.5.1 allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a...

CVE-2007-6115

Buffer overflow in the ANSI MAP dissector for Wireshark formerly Ethereal 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors...

CVE-2007-6117

Unspecified vulnerability in the HTTP dissector for Wireshark formerly Ethereal 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted chunked messages...

CVE-2007-6112

Buffer overflow in the PPP dissector Wireshark formerly Ethereal 0.99.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

Memory corruption

Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service application termination or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption...

CVE-2007-4697

Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service application termination or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption...

Double free

Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service system shutdown or execute arbitrary code via crafted IPV6 packets...

CVE-2007-4268

Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value,...

CVE-2007-4697

Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service application termination or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption...

Format string

Format string vulnerability in the extyahoocontactadded function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle who...

Ubuntu 5.04 / 5.10 / 6.06 LTS : imagemagick vulnerability (USN-337-1)

Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted t...

CVE-2007-5396

Format string vulnerability in the extyahoocontactadded function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle who...

Buffer overflow

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function...

CVE-2007-5904

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function...