8517 matches found
openSUSE 10 Security Update : dia (dia-1421)
A format string bug in dia could potentially be exploited to execute arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dia-1421. The text description of this plugin is (C) SUSE LLC...
openSUSE 10 Security Update : qt3 (qt3-3899)
Format string bugs in QTextEdit can be exploited via specially crafted HTML tags to potentially execute code (CVE-2007-3388). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update qt3-3899. The text...
CVE-2002-2236
The CVE-2002-2236 entry describes a format-string vulnerability in the awp_log function of apt-www-proxy 0.1, allowing remote attackers to execute arbitrary code. Affected component: apt-www-proxy 0.1; vulnerable code path: awp_log. Root cause: improper handling of format strings leading to code ...
CVE-2002-2236
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code...
IBM DB database JDBC service multiple security vulnerabilities
DB2JDS TCP/6789 format string vulnerability and multiple DoS conditions...
Heap overflow
Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control kavwebscan.dll in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer...
CVE-2007-3675
Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control kavwebscan.dll in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer...
CVE-2007-3675
CVE-2007-3675 concerns the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) used by Kaspersky Online Scanner. Public records state that this ActiveX contains a format string vulnerability in multiple string formatting functions, which can trigger a heap-based buffer overflow and allow remo...
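Kaspersky Online Scanner kavwebscan.dll Control Remote Format String Vulnerability
BUGTRAQ ID: 26004 CVECAN ID: CVE-2007-3675 Kaspersky Online Scanner is a free online virus scanning service that lets users scan for malicious code through a web browser. The ActiveX control shipped with Kaspersky Online Scanner contains a format string handling vulnerability in its implementation; a remote attacker may exploit this vulnerability to take control of the client system. The following online virus scanning ActiveX control is installed by Kaspersky Online Scanner: ProgID: kavwebscan.CKAVWebScan ClassID: 0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75...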
iDefense Security Advisory 10.10.07: Kaspersky Web Scanner ActiveX Format String Vulnerability
Kaspersky Web Scanner ActiveX Format String Vulnerability iDefense Security Advisory 10.10.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 10, 2007 I. BACKGROUND Kaspersky Lab Online Virus Scanner is a free online virus scanner service, enabling a user to scan their system for...
Kaspersky Online Scanner ActiveX format string security vulnerability
Multiple format string vulnerabilities...
Kaspersky Online Scanner kavwebscan.CKAVWebScan ActiveX (kavwebscan.dll) Format String Arbitrary Code Execution
The remote host contains the Kaspersky Online Scanner, an online virus scanner for Windows. The version of the Kaspersky Web Scanner ActiveX control installed as part of this software on the remote host contains a format string vulnerability. By tricking a user on the affected host into visiting ...
CVE-2007-5265
Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain "restricted zones", which are not properly handled by the a...
Format string
Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet...
Format string
Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain "restricted zones", which are not properly handled by the a...
CVE-2007-5262
Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet...
CVE-2007-5265
CVE-2007-5265 describes multiple format string vulnerabilities in websrv.cpp of Dawn of Time 1.69s beta4 and earlier. The flaws allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain “restricted zones”, due t...