1913 matches found

Debian CVE
added 2006/08/24 8:0 p.m., 28 views

CVE-2006-4346

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...

CVSS 7.5, AI score 6.9, EPSS 0.02329
Exploits 0
NVD
added 2006/08/03 1:4 a.m., 18 views

CVE-2006-3464

TIFF library libtiff before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic...

CVSS 7.5, AI score 6.5, EPSS 0.01257
Exploits 1, References 36
NVD
added 2006/07/27 10:4 p.m., 8 views

CVE-2006-3908

Format string vulnerability in the flushoutput function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console...

CVSS 7.5, AI score 7.1, EPSS 0.02468
Exploits 0, References 5
Cvelist
added 2006/07/27 10:0 p.m., 12 views

CVE-2006-3908

Format string vulnerability in the flushoutput function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console...

AI score 7.1, EPSS 0.02468
Exploits 0, References 5
Cvelist
added 2006/07/27 8:0 p.m., 25 views

CVE-2006-3809

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...

AI score 6.6, EPSS 0.02964
Exploits 0, References 64
Debian CVE
added 2006/07/27 8:0 p.m., 26 views

CVE-2006-3809

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...

CVSS 7.5, AI score 7, EPSS 0.02964
Exploits 0
OSV
added 2006/07/21 12:0 a.m., 9 views

DSA-1116 gimp - buffer overflow

Bulletin has no description...

CVSS 5.1, AI score 6.3, EPSS 0.01905
Exploits 0
NVD
added 2006/07/18 3:37 p.m., 8 views

CVE-2006-3600

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBEReleaseGetDate), (2) data, or (3) error strings...

CVSS 5.1, AI score 7, EPSS 0.06102
Exploits 0, References 15
UbuntuCve
added 2006/07/18 3:37 p.m., 10 views

CVE-2006-3600

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBEReleaseGetDate), (2) data, or (3) error strings...

CVSS 5.1, AI score 6.3, EPSS 0.06102
Exploits 0, References 1
Prion
added 2006/06/06 8:6 p.m., 6 views

Remote file inclusion

PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also...

CVSS 6.4, AI score 8, EPSS 0.08306
Exploits 1, References 12, Affected Software 1
Debian CVE
added 2006/06/02 6:0 p.m., 31 views

CVE-2006-2776

Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended...

CVSS 7.5, AI score 6.9, EPSS 0.31164
Exploits 0
Prion
added 2006/05/12 9:2 p.m., 13 views

Stack overflow

Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy...

CVSS 4.6, AI score 7.5, EPSS 0.00094
Exploits 0, References 8, Affected Software 1
Cvelist
added 2006/05/12 5:0 p.m., 13 views

CVE-2006-2349

E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/htmleditor/imagebrowser.upload.html, (2) common/htmleditor/imagebrowser.html, or (3) common/htmleditor/htmleditor.html. NOTE: this can al...

AI score 6.3, EPSS 0.10603
Exploits 1, References 10
Prion
added 2006/04/21 10:2 p.m., 16 views

Code injection

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl...

CVSS 7.5, AI score 7.3, EPSS 0.04358
Exploits 1, References 7, Affected Software 1
NVD
added 2006/04/03 10:4 a.m., 7 views

CVE-2006-1594

Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." (dot dot) sequences to (1) read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or (2) execute arbitrary code via the includePa...

CVSS 7.5, AI score 7.7, EPSS 0.02625
Exploits 1, References 6
OpenVAS
added 2006/03/26 12:0 a.m., 24 views

Mantis File Inclusion and SQL Injection Flaws

The remote web server contains a PHP application that is affected by multiple flaws. Description: The remote version of Mantis suffers from a remote file inclusion vulnerability. Provided PHP's 'register_globals' setting is enabled, an attacker may be able to leverage this issue to read arbitrary...

CVSS 7.5, AI score 0.2, EPSS 0.0697
Exploits 1, References 2
Check Point Advisories
added 2006/03/26 12:0 a.m., 2 views

Update Protection against Tftpd32 Request Error Message Format String Vulnerability

Tftpd32 is a freeware TFTP server designed for Microsoft Windows operating systems. A vulnerability has been identified in Tftpd32, specifically in the processing of Get requests containing a malformed filename. An attacker capable of sending a specially crafted filename can cause a vulnerable...

CVSS 5, AI score 6.6, EPSS 0.58902
Exploits 1
NVD
added 2006/03/16 1:2 a.m., 14 views

CVE-2006-1182

Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent...

CVSS 2.6, AI score 6.7, EPSS 0.00181
Exploits 0, References 10
CVE
added 2006/03/16 1:0 a.m., 49 views

CVE-2006-1182

Adobe Graphics Server 2.x and Adobe Document Server (ADS) 5.x/6.x are affected by CVE-2006-1182. A crafted SOAP request to the AlterCast web service can invoke saveContent, saveOptimized ADS, or loadContent commands to read files with certain extensions, overwrite arbitrary files, or execute code...

CVSS 2.6, AI score 6.6, EPSS 0.00181
Exploits 0, References 10, Affected Software 2
Exploit DB
added 2006/03/12 12:0 a.m., 41 views

linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+

linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+. Shellcode exploit for linx86 platform / linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+ This shellcode allows you to download a binary code straight off a standard HTTP server and execute it. The downloaded shellcode e.g. binary code wi...

AI score 7.4
Exploits 0