Lucene search
K

8905 matches found

Tenable Nessus
Tenable Nessus
added 2005/09/14 12:0 a.m.39 views

NOD32 Antivirus ARJ Archive Filename Handling Overflow

The remote host is running NOD32 Antivirus, from eset. The installed version of NOD32 Antivirus is reportedly prone to a heap-based buffer overflow when processing ARJ archives with long filenames. An attacker may be able to exploit this issue to execute arbitrary code on the remote host. C Tenab...

7.5CVSS6.1AI score0.0385EPSS
Exploits1References3
NVD
NVD
added 2005/09/08 10:3 a.m.38 views

CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including 1 ALZip 5.51 through 6.11, 2 Servant Salamander 2.0 and 2.5 Beta 1, 3 WinHKI 1.66 and 1.67, 4 ExtractNow 3.x, 5 Total Commander 6.53, 6 Anti-Trojan 5.5.421,...

7.5CVSS7.7AI score0.15681EPSS
Exploits0References84
NVD
NVD
added 2005/08/16 4:0 a.m.26 views

CVE-2005-2102

The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service application crash via a filename that contains invalid UTF-8 characters...

5CVSS9AI score0.01887EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/08/16 4:0 a.m.18 views

CVE-2004-2384

NullSoft Winamp 5.02 allows remote attackers to cause a denial of service crash by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line...

6.7AI score0.02618EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2005/08/09 12:0 a.m.36 views

gaim -- AIM/ICQ non-UTF-8 filename crash

The GAIM team reports: A remote user could cause Gaim to crash on some systems by sending the Gaim user a file whose filename contains certain invalid characters. It is unknown what combination of systems are affected, but it is suspected that Windows users and systems with older versions of GTK+...

5CVSS6.3AI score0.01887EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2005/07/27 12:0 a.m.26 views

MDaemon 8.0 - Content Filter Directory Traversal

source: https://www.securityfocus.com/bid/14400/info MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input. Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory...

7AI score
Exploits0
Cvelist
Cvelist
added 2005/07/19 4:0 a.m.19 views

CVE-2004-2284

The readlistfromfile function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument...

7.6AI score0.03404EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/07/17 4:0 a.m.26 views

CVE-2004-2255

Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename...

6.9AI score0.01983EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/07/17 4:0 a.m.39 views

CVE-2005-2195

Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service application crash via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502...

6.2AI score0.01561EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2005/07/14 4:0 a.m.36 views

CVE-2002-2047

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript EPS file...

10CVSS7AI score0.03288EPSS
Exploits0
Debian CVE
Debian CVE
added 2005/07/14 4:0 a.m.36 views

CVE-2001-1562

Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...

7.2CVSS6.4AI score0.00397EPSS
Exploits0
Cvelist
Cvelist
added 2005/07/14 4:0 a.m.22 views

CVE-2001-1562

Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...

6.3AI score0.00397EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.22 views

FreeBSD : portupgrade -- insecure temporary file handling vulnerability (22f00553-a09d-11d9-a788-0001020eed82)

Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...

7.2CVSS5.9AI score0.00385EPSS
Exploits0References2
CVE
CVE
added 2005/07/10 4:0 a.m.58 views

CVE-2004-2187

Technical details are not publicly available in the provided documents for CVE-2004-2187; the description remains generic (MediaWiki 1.3.5 and filename validation) with unknown impact vectors. Monitor for updates as more information becomes available.

5CVSS6.5AI score0.00895EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/07/10 4:0 a.m.17 views

CVE-2004-2187

Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors...

6.5AI score0.00895EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2005/07/10 4:0 a.m.39 views

CVE-2004-2187

Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors...

5CVSS6.4AI score0.00895EPSS
Exploits0
Cvelist
Cvelist
added 2005/06/29 4:0 a.m.27 views

CVE-2005-2075

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/dbbackups directory in PHP-Fusion 6.0 ...

6.2AI score0.06844EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.26 views

CVE-2002-1812

Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter...

7.5AI score0.01123EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.20 views

CVE-2002-1692

Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up...

7.7AI score0.01505EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/06/20 4:0 a.m.20 views

CVE-2005-1994

Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e"...

6.7AI score0.01425EPSS
Exploits0References5
Rows per page
Query Builder