5334 matches found
CVE-2006-7151
Untrusted search path vulnerability in the libtool-ltdl library libltdl.so 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the 1 hwcap, 2 0, and 3 nosegneg subdirectories...
CVE-2007-0713
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted QuickTime movie file...
CVE-2007-1251
Format string vulnerability in the newwarning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...
CVE-2007-1247
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the pathtonews parameter to 1 listing.php or 2 visview.php...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimgbasepath parameter to 1 attributes.php, 2 images.php, or 3 scan.php in admin/; or 4 attributes.php, 5 dbutils.php, 6 images.php, 7 utils.php, or ...
CVE-2007-1190
Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Remote file inclusion
PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the sfuss parameter...
Memory corruption
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain vectors that trigger memory corruption...
Remote file inclusion
PHP remote file inclusion vulnerability in functions.php in Extreme phpBB aka phpBB Extreme 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-0321
Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect formerly InstallShield Update Service allows remote attackers to execute arbitrary code via the Download method...
Remote file inclusion
PHP remote file inclusion vulnerability in adminrebuildsearch.php in phpbbwordsearch allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter...
CVE-2007-1006
Multiple format string vulnerabilities in the gmmainwindowflashmessage function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet...
CVE-2007-1006
CVE-2007-1006 affects Ekiga prior to 2.0.5, where multiple format string vulnerabilities in gm_main_window_flash_message can be triggered by a crafted Q.931 SETUP packet. This could cause denial of service and potentially allow arbitrary code execution. The advisory details indicate the issue res...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote attackers to execute arbitrary PHP code via an ftp URL in the n parameter...
CVE-2007-0976
Buffer overflow in the ActSoft DVD-Tools ActiveX control dvdtools.ocx allows remote attackers to execute arbitrary code via a long DVDTOOLS.OpenDVD property value...
Heap overflow
Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header...
CVE-2007-0770
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for...
Remote file inclusion
PHP remote file inclusion vulnerability in classes/menu.php in Site-Assistant 0990 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathsversion parameter...
CVE-2007-0828
PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter...