5334 matches found
CVE-2007-1582
The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD ext/gd extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/base.php in Radical Designs Activist Mobilization Platform (AMP) 3.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter...
Format string
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
Integer overflow
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large maxsamples value...
CVE-2003-1321
CVE-2003-1321 concerns Avant Browser 8.02, where a buffer overflow can be triggered by a long URL in an HTTP request, enabling remote denial-of-service and potentially arbitrary code execution. The provided documents do not specify a fix/patch version or remediation. No exploitation status is det...
CVE-2007-1466
Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different...
Buffer overflow
Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote attackers to execute arbitrary code via certain long arguments to the (1) FtpArchie, (2) FtpDebugDebug, (3) FtpOpenDir, (4) FtpSize, or (5) FtpChmod function...
CVE-2007-1472
CVE-2007-1472 affects Groupit 2.00b5: a variable overwrite vulnerability in groupit.start.inc allows remote inclusion and arbitrary PHP execution by arguments written to $_GLOBALS. Exploitation demonstrated via c_basepath URL parameter to content.php, userprofile.php, password.php, dispatch.php, ...
CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
According to its version, the installation of BrightStor ARCserve Backup on the remote host is affected by multiple buffer overflows involving the application's Tape Engine and portmapper services. An unauthenticated, remote attacker may be able to leverage these issues to crash or disable the...
CVE-2007-0733
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption...
CVE-2007-1429
Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote attackers to execute arbitrary PHP code via a URL in the cmd parameter to (1) admin/utfdbmigrate.php or (2) filter.php...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) classpath parameter to (a) includes/resafunc.inc.php, (b) admin/notices/perso.inc.php, or (c) admin/quotas/main.inc.php; the (2) basepath parameter ...
Debian DSA-1265-1 : mozilla - several vulnerabilities
Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-6497 Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and...
CVE-2007-1371
Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) all...
Directory traversal
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter the...
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter the...