Lucene search
K

8517 matches found

CVE
CVE
added 2007/11/30 12:0 a.m.65 views

CVE-2007-6183

CVE-2007-6183: A format-string vulnerability in Ruby-GNOME 2 (Ruby-GNOME2) 0.16.0 and SVN builds before 20071127 affects the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c. The message parameter’s format specifiers can allow context-dependent attackers to execute arbitrary code. The is...

6.8CVSS7AI score0.0338EPSS
Exploits1References20Affected Software1
Debian CVE
Debian CVE
added 2007/11/30 12:0 a.m.11 views

CVE-2007-6183

Removed by vendor...

6.8CVSS6.6AI score0.0338EPSS
Exploits1
securityvulns
securityvulns
added 2007/11/29 12:0 a.m.38 views

Ruby/Gnome2 0.16.0 Format String Vulnerability

RubyGnome2 0.16.0 Format String Vulnerability In Gtk::MessageDialog http://em386.blogspot.com Ruby Gnome2 is a project to provide GTK2 bindings to ruby scripts so you can write GUI code in less time. There is a format string vulnerability in Gtk::MessageDialog. This design flaw does not allow for...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/11/29 12:0 a.m.25 views

RubyGnome2 format string vulnerability

Format string vulnerability in Gtk::MessageDialog.new...

6.8CVSS2.1AI score0.0338EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2007/11/27 12:0 a.m.19 views

CVE-2007-6183 ruby-gnome2: format string vulnerability

Format string vulnerability in the mdiaginitialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 aka Ruby/Gnome2 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter...

6.8CVSS7.1AI score0.0338EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2007/11/14 1:46 a.m.17 views

CVE-2007-3880

Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...

7.2CVSS6.5AI score0.00333EPSS
Exploits0References8
Prion
Prion
added 2007/11/14 1:46 a.m.18 views

Format string

Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...

7.2CVSS6.8AI score0.00333EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/11/14 1:0 a.m.25 views

CVE-2007-3880

Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...

6.5AI score0.00333EPSS
Exploits0References8
CVE
CVE
added 2007/11/14 1:0 a.m.52 views

CVE-2007-3880

CVE-2007-3880 is a format-string vulnerability in the srsexec binary of Sun Remote Services Net Connect (SUNWsrspx), affecting Solaris 8/9/10 via NetConnect 3.2.3/3.2.4. An attacker with local access to a set-UID root srsexec can trigger syslog handling of crafted input containing format specifie...

7.2CVSS6.4AI score0.00333EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2007/11/13 12:0 a.m.4 views

DTSA-84-1 perdition - format string vulnerability

Bulletin has no description...

7.5CVSS6.3AI score0.12383EPSS
Exploits0
securityvulns
securityvulns
added 2007/11/12 12:0 a.m.25 views

IBM Informix Dynamic Server privilege escalation

Directory traversal on DBLANG environment variable parsing allows to specify attacker-controlled NLS files, leading to possibility of format string attacks for suid applications...

5.4AI score
Exploits0References1Affected Software1
CVE
CVE
added 2007/11/10 12:0 a.m.37 views

CVE-2007-5396

Miranda IM 0.7.1 is affected by a format-string vulnerability in the ext_yahoo_contact_added function (yahoo.c) that allows remote code execution via a Y7 Buddy Authorization packet containing format specifiers in the contact Yahoo! handle (who). This CVE-2007-5396 issue is triggered by crafted i...

6.8CVSS7.6AI score0.02473EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.40 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Multiple buffer overflows have been discovered in various PHP modules. If a PHP application...

10CVSS6.6AI score0.11752EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.19 views

Ubuntu 6.06 LTS / 6.10 : gdm vulnerability (USN-396-1)

A format string vulnerability was discovered in the gdmchooser component of the GNOME Display Manager. By typing a specially crafted host name, local users could gain gdm user privileges, which could lead to further account information exposure. Note that Tenable Network Security has extracted th...

4.3CVSS5.4AI score0.00397EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.24 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : ekiga, gnomemeeting vulnerability (USN-434-1)

It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges. Note that Tenable Network...

9.3CVSS6AI score0.03442EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.25 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : samba vulnerabilities (USN-419-1)

A flaw was discovered in Samba's file opening code, which in certain situations could lead to an endless loop, resulting in a denial of service. CVE-2007-0452 A format string overflow was discovered in Samba's ACL handling on AFS shares. Remote users with access to an AFS share could create craft...

7.5CVSS8.7AI score0.06412EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.43 views

Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-321-1)

Jean-David Maillefer discovered a format string bug in the dateformat function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly...

4CVSS5.3AI score0.26815EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.30 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : qt-x11-free vulnerability (USN-495-1)

Several format string vulnerabilities have been discovered in Qt warning messages. By causing an application to process specially crafted input data which triggered Qt warnings, this could be exploited to execute arbitrary code with the privilege of the user running the application. Note that...

6.8CVSS6AI score0.04203EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.25 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : ekiga, gnomemeeting vulnerabilities (USN-426-1)

Mu Security discovered a format string vulnerability in Ekiga. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding...

10CVSS5.8AI score0.07031EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.24 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : inkscape vulnerability (USN-438-1)

A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from t...

6.8CVSS6AI score0.03364EPSS
Exploits0References3
Rows per page
Query Builder