8517 matches found
Format string
Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...
CVE-2007-5545
Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...
CVE-2007-5561
Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175...
CVE-2007-5545
CVE-2007-5545 affects TIBCO SmartPGM FX and is a format string vulnerability that could allow remote code execution via format string specifiers in unspecified vectors. The description notes a vague pre-advisory with no actionable information as of 2007-10-16. Connected records provide no version...
CVE-2007-5545
Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...
CVE-2007-5561
Format string vulnerability in the Oracle OPMN daemon’s logging function affects Oracle Enterprise Grid Console server 10.2.0.1. A remote attacker can craft a URI in an HTTP request to port 6003 to trigger the flaw and potentially execute arbitrary code. The description notes this may be related ...
openSUSE 10 Security Update : php5 (php5-2687)
CVE-2007-0906: Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite extensions; 5 stream filters; and the 6 strreplace, 7 mail, 8 ibasedeleteuser, 9...
openSUSE 10 Security Update : qt3 (qt3-3899)
Format string bugs in QTextEdit can be exploited via specially crafted HTML tags to potentially execute code CVE-2007-3388. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update qt3-3899. The text...
openSUSE 10 Security Update : gvim (gvim-4092)
This update of Vim addresses a format-string bug in 'helptags'. This bug can be exploited to execute code with the privileges of the user running Vim. CVE-2007-2953 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE 10 Security Update : mailman (mailman-2170)
This update of mailman fixes the following security issues : - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Nauman...
openSUSE 10 Security Update : ekiga (ekiga-3023)
This update fixes format string problems in ekiga. CVE-2007-1006 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ekiga-3023. The text description of this plugin is C SUSE LLC...
openSUSE 10 Security Update : w3m (w3m-2433)
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. CVE-2006-6772 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update w3m-2433. T...
openSUSE 10 Security Update : log4net (log4net-2211)
This update fixes a format string exploit in the RemoteSyslogAppender of log4net. CVE-2006-0743 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update log4net-2211. The text description of this plugi...
openSUSE 10 Security Update : xine-lib (xine-lib-2487)
This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. CVE-2007-0017 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE 10 Security Update : gdm (gdm-2387)
A format string bug in the program 'gdmchooser' could potentially be exploited to execute code under a different user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gdm-2387. The text...
openSUSE 10 Security Update : evolution (evolution-3960)
Format string problems in the Memo Viewer of evolution could be used to potentially execute code when viewing shared memos. CVE-2007-1002 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE 10 Security Update : dia (dia-1435)
Format string bugs in dia could potentially be exploited to execute arbitrary code CVE-2006-2453, CVE-2006-2480. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dia-1435. The text description ...
openSUSE 10 Security Update : dia (dia-1421)
A format string bug in dia could potentially be exploited to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dia-1421. The text description of this plugin is C SUSE LLC...
openSUSE 10 Security Update : gnomemeeting (gnomemeeting-3162)
This update fixes format string problems in gnomemeeting. CVE-2007-1007 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnomemeeting-3162. The text description of this plugin is C SUSE LLC...
openSUSE 10 Security Update : sylpheed-claws (sylpheed-claws-4511)
This update fixes a format string bug in the incputerror function. This bug is triggered when error messages from the POP3 server are displayed and can be exploited remotely to execute arbitrary code. CVE-2007-2958 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...