CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

Remote file inclusion

PHP remote file include vulnerability in 1 include/templates/categories/default.php and 2 certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter...

CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

Buffer overflow

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector...

CVE-2005-4817

Format string vulnerability in ui.c in Textbased MSN Client TMSNC before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function...

CVE-2005-4817

Format string vulnerability in ui.c in Textbased MSN Client TMSNC before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function...

CVE-2005-3535

Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors...

CVE-2005-3535

Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors...

CVE-2005-3535

Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors...

CVE-2005-4466

Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab...

CVE-2005-4465

The Internet Key Exchange version 1 IKEv1 implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...

CVE-2005-4457

MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via several "..." triple dot sequences in a UID FETCH command...

CVE-2005-4287

PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php...

CVE-2005-3903

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S scheme argument that specifies a large file, a different vulnerability than CVE-2001-1063...

CVE-2005-3533

Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...

CVE-2005-4092

Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 3 and earlier allow remote attackers to cause a denial of service crash and execute arbitrary code via a .mov file with 1 a Movie Resource atom with a large size value, or 2 an stsd atom with a...

CVE-2005-3995

Format string vulnerability in the dosyslog function in the OBEX server obexsrv.c for Sobexsrv before 1.0.0-pre4, when the syslog -S function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands...

CVE-2005-3985

The Internet Key Exchange version 1 IKEv1 implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...

CVE-2005-3915

The Internet Key Exchange version 1 IKEv1 implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the...

Unalz 0.x - Archive Filename Buffer Overflow

Unalz 0.x - Archive Filename Buffer Overflow source: https://www.securityfocus.com/bid/15577/info The 'unalz' utility is prone to a buffer-overflow vulnerability. This issue is exposed when the application extracts an ALZ archive that contains a file with a long name. An attacker could exploit th...