FreeBSD : a2ps -- format string vulnerability (e359051d-90bd-11e5-bd18-002590263bf5)

Jong-Gwon Kim reports : When user runs a2ps with malicious crafted proa2ps prologue file, an attacker can execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...

Updated latex2rtf packages fix security vulnerability

A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...

MGASA-2015-0453 Updated latex2rtf packages fix security vulnerability

A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...

a2ps -- format string vulnerability

Jong-Gwon Kim reports: When user runs a2ps with malicious crafted proa2ps prologue file, an attacker can execute arbitrary code...

Internet Bug Bounty: zend_throw_or_error() format string vulnerability

https://bugs.php.net/bug.php?id=70914...

CVE-2001-0187

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...

CVE-2006-6105

Format string vulnerability in the host chooser window gdmchooser in GNOME Foundation Display Manager gdm allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog...

CVE-2006-0743

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

The vulnerability of the Kaspersky Anti-Virus antivirus protection allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of Kaspersky Anti-Virus lies in the insufficient processing of a specific format string, which leads to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or execute arbitrary code using DEX files during the antivirus software’s...

Cisco Email Security Appliance Format String Vulnerability

Cisco Email Security Appliance contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service condition. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Oracle: Security Advisory (ELSA-2007-0721)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0362)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-6285

Format string vulnerability in Cisco Email Security Appliance ESA 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service memory overwrite or service outage via format string specifiers in an HTTP request, aka Bug ID CSCug21497...

Format string

Format string vulnerability in Cisco Email Security Appliance ESA 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service memory overwrite or service outage via format string specifiers in an HTTP request, aka Bug ID CSCug21497...

CVE-2015-6285

Format string vulnerability in Cisco Email Security Appliance ESA 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service memory overwrite or service outage via format string specifiers in an HTTP request, aka Bug ID CSCug21497...

CVE-2015-6285

CVE-2015-6285 describes a format-string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 that can be exploited remotely by sending crafted HTTP requests to trigger a DoS (memory overwrite or service outage). The issue stems from improper handling/validation of format specifie...

Cisco Email Security Appliance Format String Vulnerability

Cisco Email Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition on the affected device. Updates are not available. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a...

Cisco Email Security Appliance Format String Vulnerability

The Cisco Email Security Appliance is an email security protection solution. The Cisco Email Security Appliance has a format string vulnerability that can be exploited by an attacker to cause a denial of service by sending a constructed HTTP request...

Cisco Email Security Appliance Format String Vulnerability

The Cisco Email Security Appliance ESA contains a vulnerability that could allow an unauthenticated, remote attacker to impact the integrity and availability of services and data on the affected device. The impact includes a partial denial of service DoS. In addition, the attacker could override...