8517 matches found
OllyDbg 1.10 - Local Format String
..:: jamikazu presents ::.. OllyDbg v110 Local Format String Exploit 0day. Author: jamikazu. Web: http://jamikazu.110mb.com/. Bug discovered by Ned from http://felinemenace.org/. Credit: ap0x, milw0rm. Greets: All Turkish security researchers ... invokes calc.exe if successfu...
Inkscape: Two format string vulnerabilities
Background: Inkscape is a vector graphics editor that uses the Scalable Vector Graphics (SVG) format. Description: Kees Cook has discovered two vulnerabilities in Inkscape. The application does not properly handle format string specifiers in some dialog boxes. Inkscape is also vulnerable to another format...
elinks format string vulnerability
A relative path is used to search for the text strings .po file. This makes it possible to spoof the file and to conduct a format string attack...
Security Best Practice: Protect Yourself against FTP Format Strings Attacks
The File Transfer Protocol (FTP) is used to connect computers over the Internet, enabling file transfers between their users. FTP format string attacks are a common threat on vulnerable systems. Format string attacks can be used to crash a program or to execute malicious code. Successful format...
CVE-2007-2027
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks...
CVE-2007-2027
CVE-2007-2027 affects Elinks 0.11.1 (ELinks) via the function add_filename_to_string in intl/gettext/loadmsgcat.c, allowing a local attacker to cause Elinks to load an untrusted gettext catalog (.po) from a ../po directory and potentially perform format-string attacks. Multiple connected sources ...
CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via...
GLSA-200703-25 : Ekiga: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200703-25 Ekiga: Format string vulnerability Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Impact : An attacker could exploit this vulnerability to crash Ekiga and potentially execute...
Mandrake Linux Security Advisory : evolution (MDKSA-2007:070)
A format string error in the 'write_html' function in calendar/gui/e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Updated packages have been patched to...
PHP < 4.4.5 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is older than 4.4.5. Such versions may be affected by several issues, including buffer overflows, format string vulnerabilities, arbitrary code execution, 'safe_mode' and 'open_basedir' bypasses, and clobbering of super-global...
PHP < 5.2.1 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is older than 5.2.1. Such versions may be affected by several issues, including buffer overflows, format string vulnerabilities, arbitrary code execution, 'safe_mode' and 'open_basedir' bypasses, and clobbering of super-global...
Inkscape multiple security vulnerabilities
Format string vulnerability when displaying URIs, security problems with the Jabber protocol...
Ekiga: Format string vulnerability
Background: Ekiga is an open source VoIP and video conferencing application. Description: Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Impact: An attacker could exploit this vulnerability to crash Ekiga and potentially execute arbitrary code by sending a...
USN-442-1: Evolution vulnerability
Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges...
GLSA-200703-21 : PHP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200703-21 PHP: Multiple vulnerabilities Several vulnerabilities were found in PHP by the Hardened-PHP Project and other researchers. These vulnerabilities include a heap-based buffer overflow in htmlentities and htmlspecialchars i...
Mandrake Linux Security Advisory : inkscape (MDKSA-2007:069)
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. Updated packages have been patched to address this issue.