Lucene search
K

8517 matches found

NVD
NVD
added 2007/05/24 10:30 p.m.15 views

CVE-2007-0753

Format string vulnerability in the VPN daemon vpnd in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter...

7.2CVSS6.9AI score0.0093EPSS
Exploits5References11
Cvelist
Cvelist
added 2007/05/24 10:0 p.m.30 views

CVE-2007-0753

Format string vulnerability in the VPN daemon vpnd in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter...

7.4AI score0.0093EPSS
Exploits5References11
CVE
CVE
added 2007/05/24 10:0 p.m.59 views

CVE-2007-0753

CVE-2007-0753 affects Apple Mac OS X VPND (VPN daemon) on affected platforms (OS X Server 10.4.9 and earlier; 10.3.9 referenced). The vulnerability is a local format-string flaw in vpnd triggered by the -i parameter, where untrusted input is passed into a format function, and vpnd runs with setui...

7.2CVSS7.4AI score0.0093EPSS
Exploits5References11Affected Software2
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.37 views

SOL5534 - Apache mod_proxy message format vulnerability - CAN-2004-0700

Vulnerability description Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled...

7.5CVSS3.4AI score0.05802EPSS
Exploits0
Prion
Prion
added 2007/05/14 9:19 p.m.11 views

Format string

Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution...

7.5CVSS8.1AI score0.03948EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2007/05/14 9:0 p.m.43 views

CVE-2007-2655

CVE-2007-2655 affects NetWin Webmail 3.1s-1 used in SurgeMail prior to version 3.8i2. The vulnerability is described as a potential format string issue that could enable remote code execution. Details are limited in the provided sources; no concrete exploit method, affected module/file, or patch/...

7.5CVSS7.5AI score0.03948EPSS
Exploits0References6Affected Software2
RedHat Linux
RedHat Linux
added 2007/05/03 12:30 p.m.21 views

Moderate: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A format...

6.8CVSS5.7AI score0.03364EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2007/05/03 12:30 p.m.5 views

evolution format string flaw

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS6.2AI score0.03364EPSS
Exploits0References4
Prion
Prion
added 2007/04/30 10:19 p.m.18 views

Format string

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.5CVSS8.1AI score0.03384EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2007/04/30 10:19 p.m.2 views

CVE-2007-2054

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.5CVSS6.2AI score0.03384EPSS
Exploits0References5
NVD
NVD
added 2007/04/30 10:19 p.m.25 views

CVE-2007-2054

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.5CVSS7.7AI score0.03384EPSS
Exploits0References4
NVD
NVD
added 2007/04/30 10:19 p.m.19 views

CVE-2007-2352

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

10CVSS7.8AI score0.05133EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/30 10:0 p.m.32 views

CVE-2007-2054

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.7AI score0.03384EPSS
Exploits0References4
CVE
CVE
added 2007/04/30 10:0 p.m.54 views

CVE-2007-2054

AFFLIB 2.2.6 and earlier contains multiple format-string vulnerabilities exposing several command-line utilities (lib/s3.cpp, tools/afconvert.cpp, tools/afcopy.cpp, tools/afinfo.cpp, aimage/aimage.cpp, aimage/imager.cpp, tools/afxml.cpp) to remote code execution via parameters used as format stri...

7.5CVSS7.8AI score0.03384EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/04/30 10:0 p.m.19 views

CVE-2007-2352

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

7.8AI score0.05133EPSS
Exploits0References3
CVE
CVE
added 2007/04/30 10:0 p.m.50 views

CVE-2007-2352

Summary (CVE-2007-2352): AFFLIB before 2.2.6 contains multiple format-string vulnerabilities exploitable via command-line inputs that are used as format strings in warn/err calls. Affected components include lib/s3.cpp, tools/afconvert.cpp, tools/afcopy.cpp, tools/afinfo.cpp, aimage/imager.cpp, a...

10CVSS7.8AI score0.05133EPSS
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2007/04/29 12:0 a.m.28 views

AFFLIB多个格式串处理漏洞

AFFLIB是用于操作高级取证格式(AFF)文件的开源函数库。 AFFLIB的一些命令行工具实现上存在格式串处理漏洞,本地攻击者可能利用此漏洞提升自己的权限。 这些工具以格式串参数向warn和err调用传输一些命令行参数。如果攻击者能够影响这些命令行参数的话,就可能导致执行任意指令。 s3格式串注入 文件:lib/s3.cpp 行数:207 err调用中的一个命令行参数用作了格式串,如果攻击者能够影响名称的话就可以导致格式串注入漏洞。192-207行说明了这个问题: void s3cpconst char fname,string key struct s3headers meta2 =...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/04/28 12:0 a.m.25 views

AFFLIB library multiple security vulnerabilities

Shell characters injections, buffer overflows, format string vulnerabilities, race conditions, etc...

10CVSS4.2AI score0.06711EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2007/04/28 12:0 a.m.40 views

AFFLIB(TM): Multiple Format String Injections

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Format String Injections in AFFLIB Release Date: 2007-04-27 Application...

7.5CVSS0.1AI score0.03384EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2007/04/26 9:19 p.m.31 views

CVE-2007-2318

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in 1 FTP server responses or 2 data sent by an FTP server. NOTE: some of these details are obtained from third party information...

9.3CVSS6.3AI score0.045EPSS
Exploits0References1
Rows per page
Query Builder