8515 matches found
Debian DSA-1543-1 : vlc - several vulnerabilities
Luigi Auriemma, Alin Rad Pop, Remi Denis-Courmont, Quovodis, Guido Landi, Felipe Manzano, Anibal Sacco and others discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker...
[NEWS] Xitami Web Server Multiple Vulnerabilities (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Xitami web server format string vulnerability
Format string vulnerability on SSI files handling...
Format string
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
CVE-2008-0963
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
CVE-2008-0963
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
CVE-2008-0963
EMC DiskXtender MediaStor 6.20.060 is affected by a format-string vulnerability in the RPC interface (UUID b157b800-aef5-11d3-ae49-00600834c15f). The service passes an unvalidated string to a formatting function, allowing remote authenticated users to execute arbitrary code with the privileges of...
ICQ 6 HTML Code Generation Remote Format String
Binary data 4405.prm...
EMC DiskXtender multiple security vulnerabilities
Authentication bypass, buffer overflow, format string vulnerability...
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability
iDefense Security Advisory 04.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 09, 2008 I. BACKGROUND EMC DiskXtender is a data backup and migration suite. It consists of several applications that are used to manage storing large quantities of files across multiple storage devices...
EMC DiskXtender MediaStor组件远程格式串处理漏洞
CVECAN ID: CVE-2008-0963 EMC DiskXtender是一款数据备份、迁移套件。 DiskXtender产品的MediaStor组件在处理UUID为b157b800-aef5-11d3-ae49-00600834c15f的RPC接口上请求时,服务没有正确地验证请求中格式串的内容。由于该格式串直接传送给了格式化函数,因此远程攻击者可以执行格式串攻击,导致以受影响服务的权限执行任意指令。必须要通过认证才能利用这个漏洞。 EMC DiskXtender 6.20.60 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
GNU m4格式串及文件名引用漏洞
BUGTRAQ ID: 28688 CVECAN ID: CVE-2008-1687,CVE-2008-1688 GNU M4是广泛应用的GNU宏处理器。 GNU M4的src/freeze.c文件中的producefrozenstate函数存在格式串处理漏洞,如果向m4 -F传送了特制的文件名参数的话,就可能导致执行任意指令。 GNU M4在实现maketemp和mkstemp宏时存在漏洞,如果输出字符串中包含有特殊字符的话,就可能导致处理不正确的文件。 GNU m4 1.4.10 GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Format string
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
CVE-2008-1658
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
CVE-2008-1658
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
DEBIAN-CVE-2008-1658
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
CVE-2008-1658
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
CVE-2008-1658
The CVE-2008-1658 entry describes a format string vulnerability in PolicyKit’s grant helper (polkit-grant-helper.c) affecting PolicyKit 0.7 and earlier. The vulnerability can cause a denial of service (crash) and may allow arbitrary code execution via crafted format strings in a password. Public ...
CVE-2008-1658
Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...
CVE-2008-1705
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the 1 user name, 2 peer name, and possibly unspecified other fields...