8517 matches found

RedHat Linux
added 2007/03/14 12:47 a.m. | 21 views

Critical: Red Hat Security Advisory: ekiga security update

Updated ekiga packages that fix security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Ekiga is a tool to communicate with video and audio over the Internet. Format string flaws were...

10 CVSS | 6.1 AI score | 0.0364 EPSS
Exploits 0 | References 2

RedHat Linux
added 2007/03/14 12:47 a.m. | 4 views

Ekiga format string flaw

Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet...

10 CVSS | 6.1 AI score | 0.0364 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2007/03/12 12:0 a.m. | 9 views

Fedora Core 6 : ekiga-2.0.5-3.fc6 (2007-322)

Format string flaws were found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. Note that Tenable Network Security has extracted the...

5.7 AI score
Exploits 0 | References 1

Tenable Nessus
added 2007/03/12 12:0 a.m. | 29 views

Debian DSA-1264-1 : php4 - several vulnerabilities

Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0906 It was discovered that an integer...

10 CVSS | 6.1 AI score | 0.11752 EPSS
Exploits 0 | References 13

Tenable Nessus
added 2007/03/12 12:0 a.m. | 21 views

Mandrake Linux Security Advisory : ekiga (MDKSA-2007:058)

A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original...

9.3 CVSS | 6 AI score | 0.03442 EPSS
Exploits 0 | References 1

NVD
added 2007/03/10 7:19 p.m. | 24 views

CVE-2007-0999

Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006...

9.3 CVSS | 7.5 AI score | 0.03442 EPSS
Exploits 0 | References 4

Prion
added 2007/03/10 7:19 p.m. | 15 views

Format string

Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006...

9.3 CVSS | 7.7 AI score | 0.0364 EPSS
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2007/03/10 7:0 p.m. | 29 views

CVE-2007-0999

Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006...

7.4 AI score | 0.03442 EPSS
Exploits 0 | References 4

CVE
added 2007/03/10 7:0 p.m. | 63 views

CVE-2007-0999

CVE-2007-0999 is a format-string vulnerability in Ekiga (notably 2.0.3) that could allow a remote attacker to execute arbitrary code with the user’s privileges. The cited Red Hat advisory RHSA-2007-0087 describes this flaw as a format-string issue in Ekiga that, if exploited via a remote connecti...

9.3 CVSS | 7.4 AI score | 0.03442 EPSS
Exploits 0 | References 4 | Affected Software 1

Debian CVE
added 2007/03/10 7:0 p.m. | 21 views

CVE-2007-0999

Removed by vendor...

9.3 CVSS | 6.6 AI score | 0.03442 EPSS
Exploits 0

Ubuntu
added 2007/03/09 4:24 a.m. | 54 views

USN-434-1: Ekiga vulnerability

It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges...

9.3 CVSS | 5.7 AI score | 0.03442 EPSS
Exploits 0

Ubuntu
added 2007/03/08 7:4 a.m. | 75 views

USN-424-2: PHP regression

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple buffer overflows have been discovered in various PHP modules...

6.4 AI score | 0.11752 EPSS
Exploits 0 | References 1

OSV
added 2007/03/07 12:0 a.m. | 31 views

DSA-1264-1 php4

Bulletin has no description...

10 CVSS | 7.6 AI score | 0.11752 EPSS
Exploits 0

Tenable Nessus
added 2007/03/06 12:0 a.m. | 21 views

Debian DSA-1262-1 : gnomemeeting - format string

'Mu Security' discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-1262...

10 CVSS | 5.8 AI score | 0.07031 EPSS
Exploits 0 | References 2

seebug.org
added 2007/03/05 12:0 a.m. | 33 views

Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit

No description provided by source. Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

7.1 AI score
Exploits 0

Debian
added 2007/03/04 5:57 p.m. | 17 views

[SECURITY] [DSA 1262-1] New gnomemeeting packages fix arbitrary code execution

Debian Security Advisory DSA 1262-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 4th, 2007 http://www.debian.org/security/faq -...

10 CVSS | 6.2 AI score | 0.07031 EPSS
Exploits 0

NVD
added 2007/03/03 8:19 p.m. | 12 views

CVE-2007-1251

Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

9.3 CVSS | 7.8 AI score | 0.06457 EPSS
Exploits 1 | References 7

Prion
added 2007/03/03 8:19 p.m. | 11 views

Format string

Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

9.3 CVSS | 8.3 AI score | 0.06457 EPSS
Exploits 1 | References 7 | Affected Software 1

Cvelist
added 2007/03/03 8:0 p.m. | 17 views

CVE-2007-1251

Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

7.8 AI score | 0.06457 EPSS
Exploits 1 | References 7

CVE
added 2007/03/03 8:0 p.m. | 40 views

CVE-2007-1251

Netrek Vanilla Server 2.12.0 is affected by a format string vulnerability in ntserv/warning.c (new_warning) when EVENTLOG is enabled. The issue allows remote attackers to crash the server or potentially execute arbitrary code via format string specifiers in message handling. The available sources...

9.3 CVSS | 7.8 AI score | 0.06457 EPSS
Exploits 1 | References 7 | Affected Software 1