8517 matches found
Format string
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
DEBIAN-CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
CVE-2007-5740
CVE-2007-5740 affects Perdition, a IMAP proxy component; the vulnerability is a format string error in Perdition’s IMAP output handling (IMAPD) that could allow an unauthenticated remote attacker to execute arbitrary code. Impact: remote code execution on the Perdition server via a specially craf...
CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism...
Perdition IMAP proxy server format string vulnerability
Format string vulnerability with IMAP tag...
Perdition 1.17 - IMAPD __STR_VWRITE Remote Format String
Perdition 1.17 - IMAPD STRVWRITE Remote Format String source: https://www.securityfocus.com/bid/26270/info Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a...
Perdition 1.17 - IMAPD __STR_VWRITE Remote Format String
source: https://www.securityfocus.com/bid/26270/info Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker can exploit this issu...
[Full-disclosure] SEC Consult SA-20071031-0 :: Perdition IMAP Proxy Format String Vulnerability
SEC Consult Security Advisory 20071031-0 ==================================================================================== title: Perdition IMAP proxy strvwrite format string vulnerability program: Perdition Mail Retrieval Proxy vulnerable version: =1.17 homepage: http://www.vergenet.net/ foun...
perdition -- str_vwrite format string vulnerability
SEC-Consult reports: Perdition IMAP is affected by a format string bug in one of its IMAP output-string formatting functions. The bug allows the execution of arbitrary code on the affected server. A successful exploit does not require prior authentication...
GLSA-200710-29 : Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200710-29 Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code Ulf Harnhammar from Secunia Research discovered a format string error in the incputerror function in file src/inc.c. Impact : A remote attacker could...
php money_format format string issue
The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...
Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code
Background Sylpheed and Claws Mail are two GTK based e-mail clients. Description Ulf Harnhammar from Secunia Research discovered a format string error in the incputerror function in file src/inc.c. Impact A remote attacker could entice a user to connect to a malicious POP server sending specially...
php money_format format string issue
The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...
CVE-2003-1381
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amxsay command...
CVE-2003-1381
AMX 0.9.2 and earlier, a plugin for Valve Software’s Half-Life Server, is affected by a format string vulnerability in the amx_say command. This allows remote attackers to execute arbitrary commands. Exploitation details, affected versions beyond those stated, and mitigations are not provided in ...
Format string
Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...
CVE-2007-5545
Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...