SUSE-SA:2007:008: XFree86-server,xorg-x11-server,xloader

The remote host is missing the patch for the advisory SUSE-SA:2007:008 XFree86-server,xorg-x11-server,xloader. This update fixes three memory corruptions within the X server which could be used by local attackers with access to this display to crash the X server and potentially execute code...

CVE-2007-0453

Buffer overflow in the nsswinbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the 1 gethostbyname and 2 getipnodebyname functions...

AtomixMP3 <= 2.3 Malformed M3U Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ====================================================== AtomixMP3 November 2006 - Month Of Greg's Media Player Exploits : i'll probably continue it into December Discovered and Reported By: Greg Linares email protected Reported Exploit Date:...

NVIDIA Display Driver for Unix systems vulnerable to buffer overflow

Overview A vulnerability in the NVIDIA Display Driver for Unix systems may allow a remote attacker to execute code on a vulnerable system. Description The NVIDIA Display Driver for Unix systems provides access to the display adapter's accelerated features on supported systems, and includes a modu...

OpenSSH < 4.4 Multiple Vulnerabilities

Binary data 3751.prm...

punbb -- NULL byte injection vulnerability

CVE Mitre reports: PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE:...

CVE-2006-4346

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...

CVE-2006-3464

TIFF library libtiff before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic...

CVE-2006-3908

Format string vulnerability in the flushoutput function in ConsoleStreambuf.cpp in Game Network Engine GNE 0.70 and earlier allows remote attackers to cause a denial of service crash and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console...

CVE-2006-3908

Format string vulnerability in the flushoutput function in ConsoleStreambuf.cpp in Game Network Engine GNE 0.70 and earlier allows remote attackers to cause a denial of service crash and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console...

CVE-2006-3809

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...

CVE-2006-3809

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...

DSA-1116 gimp - buffer overflow

Bulletin has no description...

CVE-2006-3600

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp TunePimp 0.4.2 allow remote user-assisted attackers to cause a denial of service application crash and possibly execute code via a long 1 Album release date MBEReleaseGetDate, 2 data, or 3 error strings...

CVE-2006-3600

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp TunePimp 0.4.2 allow remote user-assisted attackers to cause a denial of service application crash and possibly execute code via a long 1 Album release date MBEReleaseGetDate, 2 data, or 3 error strings...

Remote file inclusion

PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 inc/logincheck.inc.php, 2 inc/adminheader.inc.php, 3 inc/global.php, or 4 inc/mainheader.inc.php. NOTE: some of these vectors were also...

CVE-2006-2776

Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended...

Stack overflow

Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy...

CVE-2006-2349

E-Business Designer eBD 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to 1 common/htmleditor/imagebrowser.upload.html, 2 common/htmleditor/imagebrowser.html, or 3 common/htmleditor/htmleditor.html. NOTE: this can al...

Code injection

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl...