cups-base -- HPGL buffer overflow vulnerability

Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL file...

jdk/jre -- Security Vulnerability With Java Plugin

The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code...

CVE-2004-0292

Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

RealPlayer Skin File Remote Buffer Overflow

According to its build number, the installed version of RealPlayer / RealOne Player for Windows may allow an attacker to execute arbitrary code on the remote host, with the privileges of the user running RealPlayer because of an overflow vulnerability in the third-party compression library...

Apache 1.3.x mod_include - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/11471/info The problem presents itself when the affected module attempts to parse modinclude-specific tag values. A failure to properly validate the lengths of user-supplied tag strings before copying them into finite buffers facilitates the overflow. ...

ncompress: Buffer overflow

Background ncompress is a utility handling compression and decompression of Lempel-Ziv archives, compatible with the original nix compress and uncompress utilities .Z extensions. Description compress and uncompress do not properly check bounds on command line options, including the filename. Larg...

CVE-2004-0905

CVE-2004-0905 affects Mozilla Firefox (before the Preview Release), Mozilla (before 1.7.3), and Thunderbird (before 0.8). The issue enables remote attackers to perform cross-domain scripting and potentially execute arbitrary code by convincing a user to drag and drop javascript: links to a frame ...

MacOSXLabs RsyncX 2.1 - Local Privilege Escalation

MacOSXLabs RsyncX 2.1 - Local Privilege Escalation source: https://www.securityfocus.com/bid/11211/info It is reported that RsyncX is prone to a local privilege escalation vulnerability. RsyncX is installed setuid root and setgid wheel. It is reported that RsyncX drops root privileges properly bu...

MacOSXLabs RsyncX 2.1 - Local Privilege Escalation

source: https://www.securityfocus.com/bid/11211/info It is reported that RsyncX is prone to a local privilege escalation vulnerability. RsyncX is installed setuid root and setgid wheel. It is reported that RsyncX drops root privileges properly but fails to drop setgid wheel privileges before...

Microsoft Office WordPerfect 5.x Converter contains a buffer overflow vulnerability

Overview A buffer overflow vulnerability in the Microsoft Office WordPerfect 5.x Converter could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Office WordPerfect 5.x Converter allows users to convert documents in WordPerfect format to Microsof...

CVE-2004-0643

CVE-2004-0643 describes a double-free vulnerability in MIT Kerberos 5 (krb5) prior to or at 1.3.1, specifically in krb5_rd_cred, potentially allowing arbitrary code execution on vulnerable KDC/clients. Connected advisories extend this class of issues to Kerberos KDC and libraries (double-free bug...

CVE-2004-0822

Buffer overflow in The Core Foundation framework CoreFoundation.framework in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable...

Ipswitch WhatsUp Gold 7.0/8.0 - Notification Instance Name Remote Buffer Overflow

source: https://www.securityfocus.com/bid/11109/info The Ipswitch WhatsUp Gold web interface is prone to a remotely exploitable buffer overflow vulnerability. This may be exploited by authenticated users of the interface to execute arbitrary code in the context of the program. !/usr/bin/perl...

Grokster 1.32.6 KaZaA Media Desktop 1.3.x1.6.12.0.x - ActiveX Control Remote Buffer Overflow

Grokster 1.32.6 KaZaA Media Desktop 1.3.x1.6.12.0.x - ActiveX Control Remote Buffer Overflow source: https://www.securityfocus.com/bid/11101/info Altnet is reported prone to a remote buffer overflow vulnerability. This issue presents itself in an ActiveX control installed by the application...

CVE-2004-0754

Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages...

CVE-2002-0969

Buffer overflow in MySQL daemon mysqld before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group...

CVE-2002-1424

CVE-2002-1424 describes a buffer overflow in the munpack component of the mpack package (version 1.5 and earlier). The underlying issue allows remote attackers to cause a denial of service and potentially execute arbitrary code. Public advisories indicate fixes have been released in subsequent De...

CVE-2002-1244

Pablo FTP Server (versions 1.3 and 1.5, and possibly others) is affected by a format string vulnerability in the USER command due to incorrect handling of format string markers in user input. This can allow a remote attacker to cause a denial of service and, potentially, execute arbitrary code. T...

CVE-2002-1391

The CVE-2002-1391 issue affects mgetty prior to 1.1.29, where a buffer overflow in the internal handling of Caller ID CallerName could allow a remote attacker to cause a Denial of Service and potentially execute arbitrary code via a long Caller Name. The vulnerability is documented in multiple ad...

CVE-2002-1468

Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root...