GLSA-200711-21 : Bochs: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200711-21 Bochs: Multiple vulnerabilities Tavis Ormandy of the Google Security Team discovered a heap-based overflow vulnerability in the NE2000 driver CVE-2007-2893. He also discovered a divide-by-zero error in the emulated flopp...

Apple QuickTime heap buffer overflow vulnerability

Overview Apple QuickTime contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute code. Description Apple QuickTime is a media player that includes a browser plugin. Color table atoms can set a list of preferred colors for displaying movieson...

gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability

SecurityFocus reports: GNUs tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the alloca function. Successfully exploiting this issue allows attackers to crash the affected utilities and possibly to execute code but this has not been confirmed...

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-2652)

Following security problems were fixed in OpenOfficeorg : CVE-2007-0002: Various problems were fixed in the Wordperfect converter library libwpd in OpenOfficeorg which could be used by remote attackers to potentially execute code or crash OpenOfficeorg. CVE-2007-0238: A stack overflow in the...

openSUSE 10 Security Update : lighttpd (lighttpd-3985)

Multiple bugs in lighttpd allowed remote attackers to crash lighttpd, circumvent access restricions or even execute code. CVE-2007-3946, CVE-2007-3947, CVE-2007-3948, CVE-2007-3949, CVE-2007-3950 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

phpmyadmin -- cross-site scripting vulnerability

SecurityFocus reports: phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit

No description provided by source. / Norman Virus Control nvcoaft51.sys ioctl BF672028 exploit Abstract nvcoaft51.sys driver receive as parameter in some ioctl's a pointer to a KEVENT struct, calling KeSetEvent without any prior check. The device created by the driver NvcOa can be opened by any...

Microsoft Virtual PC / Virtual Server buffer overflow

Heap based buffer overflow allows guest operation system user with administrative privileges to execute code on host operation system or another guest operation system...

CVE-2007-3302

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA formerly Computer Associates eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."...

CVE-2007-3666

Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the pathinc parameter to 1 index.php in gestion/; 2 identification.php, 3 disconnect.php, 4 loginliste.php, 5 loginmodif.php, 6 index.php, an...

PT-2007-3426 · Mobilepublisher · Mobilepublisherphp

Name of the Vulnerable Software and Affected Versions: MobilePublisherphp version 1.1.2 Description: A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via a URL in the auth method parameter to various PHP files in the admin directory, including "index.php",...

DSA-1278-1 man-db - buffer overflow

Bulletin has no description...

SUSE-SA:2007:008: XFree86-server,xorg-x11-server,xloader

The remote host is missing the patch for the advisory SUSE-SA:2007:008 XFree86-server,xorg-x11-server,xloader. This update fixes three memory corruptions within the X server which could be used by local attackers with access to this display to crash the X server and potentially execute code...

SUSE-SA:2007:004: krb5

The remote host is missing the patch for the advisory SUSE-SA:2007:004 krb5. Various bugs in the Kerberos5 libraries and tools were fixed which could be used by remote attackers to crash and potentially execute code in kadmind. - CVE-2006-6144 / MITKRB5-SA-2006-002: the RPC library could call an...

CVE-2007-0453

Buffer overflow in the nsswinbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the 1 gethostbyname and 2 getipnodebyname functions...

AtomixMP3 <= 2.3 Malformed M3U Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ====================================================== AtomixMP3 November 2006 - Month Of Greg's Media Player Exploits : i'll probably continue it into December Discovered and Reported By: Greg Linares email protected Reported Exploit Date:...

NVIDIA Display Driver for Unix systems vulnerable to buffer overflow

Overview A vulnerability in the NVIDIA Display Driver for Unix systems may allow a remote attacker to execute code on a vulnerable system. Description The NVIDIA Display Driver for Unix systems provides access to the display adapter's accelerated features on supported systems, and includes a modu...

OpenSSH < 4.4 Multiple Vulnerabilities

Binary data 3751.prm...

punbb -- NULL byte injection vulnerability

CVE Mitre reports: PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE:...