Lucene search
2194 matches found

Cvelist
added 2005/04/15 4:0 a.m. | 20 views

CVE-2003-0644

Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands...

AI score: 6.8 | EPSS: 0.00045
Exploits: 0 | References: 3
Tenable Nessus
added 2005/04/01 12:0 a.m. | 20 views

GLSA-200503-35 : Smarty: Template vulnerability

The remote host is affected by the vulnerability described in GLSA-200503-35 (Smarty: Template vulnerability). A vulnerability has been discovered within the regexreplace modifier of the Smarty templates when allowing access to untrusted users. Furthermore, it was possible to call functions from if...

CVSS: 7.5 | AI score: 6 | EPSS: 0.00902
Exploits: 0 | References: 3
CVE
added 2005/02/26 5:0 a.m. | 46 views

CVE-2004-1710

The CVE-2004-1710 entry describes a remote command execution vulnerability in page.cgi, exploitable by sending shell metacharacters via the url parameter. The available sources do not specify affected products, versions, root cause specifics beyond the described command-injection vector, or concr...

CVSS: 7.5 | AI score: 8.1 | EPSS: 0.00982
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2005/02/20 5:0 a.m. | 96 views

CVE-2004-1660

CVE-2004-1660 affects CuteNews 1.3.6 and earlier. The vulnerability is a PHP remote file inclusion via the cutepath parameter to show_archives.php or show_news.php, enabling remote code execution. Public references (NVD entry) confirm the affected software, vulnerability class, and attack vector ...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.00888
Exploits: 1 | References: 4 | Affected Software: 1
CVE
added 2004/12/22 5:0 a.m. | 56 views

CVE-2004-1138

CVE-2004-1138 affects Vim and GVim up to version 6.3. A crafted modeline can be executed when a file is viewed with certain options (termcap, printdevice, titleold, filetype, syntax, backupext, keymap, patchmode, langmenu), enabling local command execution with the user’s privileges. Mitigations/...

CVSS: 7.2 | AI score: 6.8 | EPSS: 0.00067
Exploits: 0 | References: 7 | Affected Software: 1
seebug.org
added 2004/09/26 12:0 a.m. | 15 views

freebsd/x86 execve /bin/sh 37 bytes

No description provided by source. / This is FreeBSD execve code. It is 37 bytes long. I'll try to make it smaller. Till then use this one. signed predator preedatoratsendmaildotru / char FreeBSDcode= "\xeb\x17\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\x50\x8d"...

AI score: 7.1
Exploits: 0
CVE
added 2004/09/01 4:0 a.m. | 50 views

CVE-2004-0159

Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and potentially execute arbitrary code via file names crafted to trigger unsafe handling during directory listings. Debian’s DSA-447-1 confirms the fix is to upgrade hsftp (current patched ver...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.10286
Exploits: 0 | References: 5 | Affected Software: 1
CVE
added 2004/09/01 4:0 a.m. | 66 views

CVE-2003-0015

CVE-2003-0015 describes a double-free in CVS

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.37007
Exploits: 1 | References: 16 | Affected Software: 1
CVE
added 2004/08/20 4:0 a.m. | 53 views

CVE-2003-1051

CVE-2003-1051 affects IBM DB2 Universal Database 8.1. It describes multiple format-string vulnerabilities that could allow local users to execute arbitrary code via certain command-line arguments to db2start, db2stop, or db2govd. Root cause: format string handling issues in the involved binaries....

CVSS: 7.2 | AI score: 7.7 | EPSS: 0.00046
Exploits: 1 | References: 4 | Affected Software: 1
CVE
added 2003/07/10 4:0 a.m. | 55 views

CVE-2003-0538

The mailcap configuration in mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, allowing remote attackers to execute arbitrary Oz programs in a MIME-aware client. Impact is arbitrary code execution under the user running the MIME client; affected: mozart with mail...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00636
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2003/06/18 4:0 a.m. | 20 views

CVE-2003-0433

Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code...

AI score: 7.3 | EPSS: 0.01079
Exploits: 0 | References: 1
CVE
added 2002/08/31 4:0 a.m. | 44 views

CVE-2002-0944

Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03–6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program. Affected: DeepMetrix LiveStats versions 5.03 through 6.2.1. Impact: ...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.01402
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2002/08/31 4:0 a.m. | 45 views

CVE-2002-0959

The CVE-2002-0959 entry refers to a Cross-site scripting vulnerability in Splatt Forum 3.0. The issue allows remote attackers to execute arbitrary script as other users by abusing an tag with a closing quote followed by malicious script. According to the NVD entry, the vulnerability has a base s...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.03832
Exploits: 1 | References: 4 | Affected Software: 1
CVE
added 2000/01/04 5:0 a.m. | 53 views

CVE-1999-0343

The CVE-1999-0343 entry concerns the Palace client vulnerability where a malicious Palace server can force a client to execute arbitrary programs. Affected component: Palace (client behavior). Root cause: exploitation by the server could lead to arbitrary code execution on the client. Impact is d...

CVSS: 5.1 | AI score: 7.9 | EPSS: 0.00489
Exploits: 0 | References: 1 | Affected Software: 1