
8515 matches found

Debian CVE
added 2011/12/10 5:00 p.m. | 14 views

CVE-2011-4357

Format string vulnerability in the pcgierror function in python/neocgi.c in the Python CGI Kit neocgi module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled...

CVSS 7.5 | AI score 7.6 | EPSS 0.03056
Exploits: 0
securityvulns
added 2011/12/05 12:00 a.m. | 90 views

[SECURITY] [DSA 2355-1] clearsilver security update

Debian Security Advisory DSA-2355-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2011 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 2.1 | EPSS 0.03056
Exploits: 0
Tenable Nessus
added 2011/12/02 12:00 a.m. | 19 views

Debian DSA-2355-1 : clearsilver - format string vulnerability

Leo Iannacone and Colin Watson discovered a format string vulnerability in the Python bindings for the Clearsilver HTML template system, which may lead to denial of service or the execution of arbitrary code.

CVSS 7.5 | AI score 5.5 | EPSS 0.03056
Exploits: 0 | References: 3
Debian
added 2011/11/30 9:28 p.m. | 19 views

[SECURITY] [DSA 2355-1] clearsilver security update

Debian Security Advisory DSA-2355-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2011 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 6.1 | EPSS 0.03056
Exploits: 0
OSV
added 2011/11/30 12:00 a.m. | 12 views

DSA-2355-1 clearsilver - format string vulnerability

Bulletin has no description...

CVSS 7.5 | AI score 6.3 | EPSS 0.03056
Exploits: 0
Tenable Nessus
added 2011/11/18 12:00 a.m. | 113 views

PHP 5.1.x < 5.1.2 Multiple Vulnerabilities

According to its banner, the version of PHP 5.1.x installed on the remote host is older than 5.1.2. Such versions may be affected by multiple vulnerabilities:
- A format string vulnerability exists in the error-reporting feature of the mysqli extension. (CVE-2006-0200)
- Multiple HTTP response...

CVSS 9.3 | AI score 5.5 | EPSS 0.18942
Exploits: 0 | References: 4
Prion
added 2011/10/14 10:55 a.m. | 20 views

Format string

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file...

CVSS 4.4 | AI score 6.3 | EPSS 0.00329
Exploits: 0 | References: 4 | Affected Software: 2
CVE
added 2011/10/14 10:00 a.m. | 62 views

CVE-2011-0185

The CVE-2011-0185 entry concerns a format-string vulnerability in the Application Firewall’s debug-logging feature on Apple Mac OS X prior to 10.7.2, allowing local privilege escalation via a crafted executable name. Affected product: Mac OS X (Application Firewall). Root cause: format string iss...

CVSS 4.4 | AI score 7.6 | EPSS 0.00329
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2011/10/14 10:00 a.m. | 26 views

CVE-2011-0185

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file...

AI score 7.8 | EPSS 0.00329
Exploits: 0 | References: 4
Tenable Nessus
added 2011/10/14 12:00 a.m. | 42 views

FreeBSD : pecl-phar -- format string vulnerability (da3d381b-0ee6-11e0-becc-0022156e8794)

Entry for CVE-2010-2094 says: Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the 1...

CVSS 6.8 | AI score 6 | EPSS 0.12652
Exploits: 1 | References: 7
NVD
added 2011/10/05 2:56 a.m. | 17 views

CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

CVSS 7.5 | AI score 7.5 | EPSS 0.0394
Exploits: 0 | References: 7
OSV
added 2011/10/05 2:56 a.m. | 5 views

CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

AI score 7.5
Exploits: 0 | References: 7
OSV
added 2011/10/05 2:56 a.m. | 2 views

DEBIAN-CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

CVSS 7.5 | AI score 8.3 | EPSS 0.0394
Exploits: 0 | References: 1
Prion
added 2011/10/05 2:56 a.m. | 22 views

Format string

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

CVSS 7.5 | AI score 8.1 | EPSS 0.0394
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2011/10/05 1:00 a.m. | 29 views

CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

AI score 9.5 | EPSS 0.0394
Exploits: 0 | References: 7
CVE
added 2011/10/05 1:00 a.m. | 154 views

CVE-2011-1764

Summary: CVE-2011-1764 is a format string vulnerability in Exim’s DKIM handling. The flaw affects Exim before 4.76, in the dkim_exim_verify_finish function (src/dkim.c). By injecting format specifiers (e.g., a % character) into data used for DKIM logging (identity field), an unauthenticated remot...

CVSS 7.5 | AI score 9.5 | EPSS 0.0394
Exploits: 0 | References: 7 | Affected Software: 1
Debian CVE
added 2011/10/05 1:00 a.m. | 38 views

CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

CVSS 7.5 | AI score 8.7 | EPSS 0.0394
Exploits: 0
myhack58
added 2011/10/03 12:00 a.m. | 20 views

Quick Easy FTP Server 4.0.0: format string vulnerabilities in multiple commands

Version: Quick Easy FTP Server 4.0.0 (other versions not tested). Tested on: W2K SP4. Quick Easy FTP Server 4.0.0 uses the wsprintfA function unsafely for string operations, resulting in format string vulnerabilities. The affected commands include LS, CD, USER, etc. The USER command does not need to...

AI score 7.7
Exploits: 0
OpenVAS
added 2011/09/09 12:00 a.m. | 238 views

Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities

The remote statd service is prone to multiple remote format string vulnerabilities.

CVSS 10 | AI score 6.7 | EPSS 0.03212
Exploits: 0 | References: 4
Tenable Nessus
added 2011/09/08 12:00 a.m. | 24 views

Fortinet FortiClient Crafted VPN Connection Name Handling Local Format String

FortiClient, a client-based software solution intended to provide security features for enterprise computers and mobile devices, is installed on the remote Windows host. The installed version does not properly handle format string specifiers within a VPN connection name. A local user may be able ...

CVSS 7.2 | AI score 6 | EPSS 0.00453
Exploits: 0 | References: 2