Lucene search
K

8517 matches found

CVE
CVE
added 2007/06/20 10:0 p.m.57 views

CVE-2005-4846

CVE-2005-4846 concerns Spey 0.3.3. A vulnerability exists in Spey’s Logger.cc where format string usage in a syslog call can allow a remote attacker to trigger a denial of service and, potentially, arbitrary code execution through crafted format specifiers. Affected product: Spey 0.3.3; vulnerabl...

4.3CVSS8AI score0.01935EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2007/06/13 12:0 a.m.29 views

Apple Safari for Windows commands execution

Shell characters problem on protocol handlers invocation. Format string vulnerability...

4.6AI score
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2007/06/12 12:0 a.m.14 views

Mbedthis AppWeb 2.2.2 - URL Protocol Format String

Mbedthis AppWeb 2.2.2 - URL Protocol Format String source: https://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printin...

Exploits0
Exploit DB
Exploit DB
added 2007/06/12 12:0 a.m.57 views

Mbedthis AppWeb 2.2.2 - URL Protocol Format String

source: https://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. This issue affects only applications th...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/06/10 12:0 a.m.17 views

W3M浏览器InputAnswer格式串漏洞

W3M是一款开放源代码的文字式网页浏览器。 W3M不正确过滤用户提交给格式打印函数的输入,远程攻击者可以利用漏洞进行格式串攻击,可能以进程权限执行任意指令。 目前没有详细漏洞细节提供。 W3M W3M 0.5.1 W3M W3M 0.3.2 .2 W3M W3M 0.3.2 .1 W3M W3M 0.3.2 W3M W3M 0.3.1 + RedHat Linux 8.0 i386 + RedHat Linux 8.0 W3M W3M 0.3 + RedHat Linux 7.3 i386 + RedHat Linux 7.3 W3M W3M 0.2.5 .1 W3M W3M 0.2.5...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/06/07 12:0 a.m.55 views

GLSA-200706-02 : Evolution: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200706-02 Evolution: User-assisted execution of arbitrary code Ulf Harnhammar from Secunia Research has discovered a format string error in the writehtml function in the file calendar/gui/e-cal-component-memo-preview.c. Impact : A...

6.8CVSS6.1AI score0.03364EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/06/07 12:0 a.m.23 views

GLSA-200706-03 : ELinks: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200706-03 ELinks: User-assisted execution of arbitrary code Arnaud Giersch discovered that the 'addfilenametostring' function in file intl/gettext/loadmsgcat.c uses an untrusted relative path, allowing for a format string attack...

4.4CVSS6.1AI score0.00841EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2007/06/06 12:0 a.m.31 views

Evolution: User-assisted execution of arbitrary code

Background Evolution is the mail client of the GNOME desktop environment. Description Ulf Harnhammar from Secunia Research has discovered a format string error in the writehtml function in the file calendar/gui/e-cal-component-memo-preview.c. Impact A remote attacker could entice a user to open a...

6.8CVSS7AI score0.03364EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/06/06 12:0 a.m.20 views

ELinks: User-assisted execution of arbitrary code

Background ELinks is a text-mode web browser. Description Arnaud Giersch discovered that the "addfilenametostring" function in file intl/gettext/loadmsgcat.c uses an untrusted relative path, allowing for a format string attack with a malicious .po file. Impact A local attacker could entice a user...

4.4CVSS6.8AI score0.00841EPSS
Exploits1
FreeBSD
FreeBSD
added 2007/06/05 12:0 a.m.23 views

vlc -- format string vulnerability and integer overflow

isecpartners reports: VLC is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized...

6.6AI score
Exploits0References1
NVD
NVD
added 2007/06/04 5:30 p.m.16 views

CVE-2007-3009

Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service daemon crash via format string specifiers in the HTTP scheme, as demonstrated...

4.3CVSS6.6AI score0.02231EPSS
Exploits0References5
Prion
Prion
added 2007/06/04 5:30 p.m.13 views

Format string

Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service daemon crash via format string specifiers in the HTTP scheme, as demonstrated...

4.3CVSS7.1AI score0.02231EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/06/04 5:0 p.m.21 views

CVE-2007-3009

Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service daemon crash via format string specifiers in the HTTP scheme, as demonstrated...

6.6AI score0.02231EPSS
Exploits0References5
CVE
CVE
added 2007/06/04 5:0 p.m.45 views

CVE-2007-3009

The CVE-2007-3009 case concerns Mbedthis AppWeb 2.0.5-4, where a Format string vulnerability in MprLogToFile::logEvent can be triggered when logging is supported but disabled in configuration. The issue allows remote attackers to crash the daemon (DoS) by crafting HTTP scheme format specifiers, d...

4.3CVSS6.6AI score0.02231EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2007/05/29 12:0 a.m.24 views

Apple Mac OSX 10.4.9 - VPND Local Format String

Apple Mac OSX 10.4.9 - VPND Local Format String source: https://www.securityfocus.com/bid/24208/info Apple Mac OS X's VPN service daemon is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/05/29 12:0 a.m.37 views

Mac OS X vpnd format string security vulnerability

Formats string vulnerability on -i command line argument parsing...

7.2CVSS3.1AI score0.0093EPSS
Exploits5References1Affected Software1
securityvulns
securityvulns
added 2007/05/29 12:0 a.m.76 views

Mac OS X vpnd local format string

======= Summary ======= Name: Mac OS X vpnd local format string Release Date: 29 May 2007 Reference: NGS00496 Discover: Chris Anley [email protected] Vendor: Apple Vendor Reference: 26417237 CVE-ID: CVE-2007-0753 Systems Affected: OS X Server 10.4.9 and prior Risk: High Status: Published...

7.2CVSS7.5AI score0.0093EPSS
Exploits5
Exploit DB
Exploit DB
added 2007/05/29 12:0 a.m.28 views

Apple Mac OSX 10.4.9 - VPND Local Format String

source: https://www.securityfocus.com/bid/24208/info Apple Mac OS X's VPN service daemon is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Attackers may exploit this issue...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/05/25 12:0 a.m.24 views

RHEL 5 : evolution (RHSA-2007:0158)

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A format...

6.8CVSS5.7AI score0.03364EPSS
Exploits0References3
Prion
Prion
added 2007/05/24 10:30 p.m.17 views

Format string

Format string vulnerability in the VPN daemon vpnd in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter...

7.2CVSS7.3AI score0.0093EPSS
Exploits5References11Affected Software2
Rows per page
Query Builder