security flaw

Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in 1 the TIFFFetchAnyArray function in a tifdirread.c; 2 certain "codec cleanup methods" in b tiflzw.c, c tifpixarlog.c, and d tifzip.c; 3 and...

DEBIAN-CVE-2006-2025

Integer overflow in the TIFFFetchData function in tifdirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image...

security flaw

Buffer overflow in the imapfetchoverview function in the IMAP functionality phpimap.c in PHP before 4.3.3 allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long e-mail address in a 1 To or 2 From header...

CVE-2006-0051

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the httppeek function...

[SA19168] Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability

TITLE: Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability SECUNIA ADVISORY ID: SA19168 VERIFY ADVISORY: http://secunia.com/advisories/19168/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006...

CVE-2005-4457

MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via several "..." triple dot sequences in a UID FETCH command...

phpBB Fetch All < 2.0.12

The remote host is running a version of phpBB FetchAll older than 2.0.12. It is reported that this version of phpBB Fetch All is susceptible to an SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL quer...

CVE-2005-3330

The httpsrequest function in Snoopy 1.2, as used in products such as 1 MagpieRSS, 2 WordPress, 3 Ampache, and 4 Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...

CVE-2005-3330

The httpsrequest function in Snoopy 1.2, as used in products such as 1 MagpieRSS, 2 WordPress, 3 Ampache, and 4 Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function...

PT-2005-3723 · Microsoft +1 · Windows +3

Name of the Vulnerable Software and Affected Versions: Rediff Bol version 7.0 Description: The issue allows remote attackers to read the Windows Address Book. This is achieved via the FullAddressBook method of the Fetch.FetchContact.1 ActiveX control, which is part of the Fetch.dll component...

FreeBSD : Cyrus IMAPd -- FETCH command out of bounds memory corruption (c0a269d5-3d16-11d9-8818-008088034841)

The argument parser of the fetch command suffers a bug very similiar to the partial command problem. Arguments like 'bodyp', 'binaryp' or 'binaryp' will be wrongly detected and the bufferposition can point outside of the allocated buffer for the rest of the parsing process. When the parser trigge...

Debian DSA-732-1 : mailutils - several vulnerabilities

'infamous41md' discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail. These problems can lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities. ...

DEBIAN-CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-0247

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

security flaw

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

security flaw

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...