CVE-2005-2657

Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before...

CVE-2005-2657

Removed by vendor...

Twiki rev Parameter Arbitrary Shell Command Execution

Binary data 3223.prm...

MS Windows (keybd_event) Local Privilege Elevation Exploit

Exploit for unknown platform in category local exploits ========================================================== MS Windows keybdevent Local Privilege Elevation Exploit ========================================================== / Microsoft Windows keybdevent validation vulnerability. Local...

LeapFTP .lsq Buffer Overflow Vulnerability

LeapFTP .lsq Buffer Overflow Vulnerability by Sowhat Last Update:2005.08.24 http://secway.org/advisory/AD20050824.txt Vendor: LeapWare Inc. Product Affected: LeapFTP 2.7.6.612 Overview: LeapFTP is the award-winning shareware FTP client that combines an intuitive interface with one of the most...

CVE-2005-2559

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via 1 shell metacharacters in the epingcount parameter or 2 restricted shell metacharacters such as "" and "&" in the epinghost parameter, which is not handled by the...

[Full-disclosure] Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHPXMLRPC Remote PHP Code Injection Vulnerability Release Date: 2005/08/15 Last Modified: 2005/08/15 Author: Stefan Esser [email protected] Application: PHPXMLRPC = 1.1....

GNOME gedit contains format string vulnerability

Overview gedit has a format string vulnerability in some error dialogs that can occur when a file is opened for editing. Description gedit is the official text editor of the GNOME desktop environment. gedit 2.10.2 has a format string error in some some error dialogs that can occur when a file is...

MySQL AB Eventum 1.x - view.php?id Cross-Site Scripting

MySQL AB Eventum 1.x - view.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

CVE-2005-2372

Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicious .fmx file and referencing it using an absolute pathname argument in the 1 form or 2 module...

Asn Guestbook 1.5 - footer.php?version Cross-Site Scripting

Asn Guestbook 1.5 - footer.php?version Cross-Site Scripting source: https://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Debian DSA-765-1 : heimdal - buffer overflow

Gael Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server. %NASLMINLEVEL 70300 C Tenable...

Debian DSA-762-1 : affix - several vulnerabilities

Kevin Finisterre discovered two problems in the Bluetooth FTP client from affix, user space utilities for the Affix Bluetooth protocol stack. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-2250 A buffer overflow allows remote attackers to...

Small HTTP Server 3.05.28 - Arbitrary Data Execution

!/usr/bin/perl sHTTP FTPServer Abritary Data Execution Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\PERLperl shttp.pl localhost C:\shttps ? Version: libwww-perl-5.76 + Connect to localhost... + Connected + Send user and pass.. + Logged in! +...

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

source: https://www.securityfocus.com/bid/14282/info Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the application to properly bounds check input data prior to copying it to a fixe...

CVE-2005-2269

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

CVE-2005-2269

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

FreeBSD : ruby -- arbitrary command execution on XMLRPC server (594eb447-e398-11d9-a8bd-000cf18bbe54)

Nobuhiro IMAI reports : the default value modification on Modulepublicinstancemethods from false to true breaks s.addhandlerXMLRPC::iPIMethods'sample', MyHandler.new style security protection. This problem could allow a remote attacker to execute arbitrary commands on XMLRPC server of libruby...

FreeBSD : horde -- XSS vulnerabilities (338d1723-5f03-11d9-92a7-000bdb1444a4)

A Hyperdose Security Advisory reports : Horde contains two XSS attacks that can be exploited through GET requests. Once exploited, these requests could be used to execute any JavaScript commands in the context of that user, potentially including but not limited to reading and deleting email, and...

MITKRB5-SA-2005-003: double-free in krb5_recvauth

MIT krb5 Security Advisory 2005-003 Original release: 2005-07-12 Topic: double-free in krb5recvauth Severity: CRITICAL SUMMARY ======= The krb5recvauth function can free previously freed memory under some error conditions. This vulnerability may allow an unauthenticated remote attacker to execute...