CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application...

CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application...

Mandrake Linux Security Advisory : mod_php3 (MDKSA-2000:062)

PHP version 3 which ships with Linux-Mandrake are vulnerable to format string attacks due to logging functions that make improper use of the syslog and vsnprintf functions. This renders PHP3-enabled servers vulnerable to compromise by remote attackers. This attack is only effective on PHP...

CVE-2012-0864

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

DSA-2007-1 cups - arbitrary code execution

Bulletin has no description...

elinks tries to load .po files from a non-absolute path

Untrusted search path vulnerability in the addfilenametostring function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog .po file in a "../po" directory, which can be leveraged to conduct format string attacks...

Debian Security Advisory DSA 277-1 (apcupsd)

The remote host is missing an update to apcupsd announced via advisory DSA 277-1. OpenVAS Vulnerability Test $Id: deb2771.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 277-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 1213-1 (imagemagick)

The remote host is missing an update to imagemagick announced via advisory DSA 1213-1. Several remote vulnerabilities have been discovered in Imagemagick, a collection of image manipulation programs, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures proje...

Debian: Security Advisory (DSA-1213-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1127)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1127-1 (ethereal)

The remote host is missing an update to ethereal announced via advisory DSA 1127-1. Several remote vulnerabilities have been discovered in the Ethereal network sniffer, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following...

IBM Informix Dynamic Server privilege escalation

Directory traversal on DBLANG environment variable parsing allows to specify attacker-controlled NLS files, leading to possibility of format string attacks for suid applications...

rPSA-2007-0153-1 qt-x11-free

rPath Security Advisory: 2007-0153-1 Published: 2007-08-01 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: qt-x11-free=/conary.rpath.com@rpl:devel//1/3.3.4-5.9-1 References: https://vulners.com/cve/CVE-2007-338...

Security Best Practice: Protect Yourself against FTP Format Strings Attacks

The File Transfer Protocol FTP is used to connect computers over the Internet enabling file transferring between their users. FTP format string attacks are a common threat on vulnerable systems. Format string attacks can be used to crash a program or to execute malicious code. Successful format...

CVE-2007-2027

Untrusted search path vulnerability in the addfilenametostring function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog .po file in a "../po" directory, which can be leveraged to conduct format string attacks...

CVE-2007-2027

Untrusted search path vulnerability in the addfilenametostring function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog .po file in a "../po" directory, which can be leveraged to conduct format string attacks...

CVE-2007-2027

CVE-2007-2027 affects Elinks 0.11.1 (ELinks) via the function add_filename_to_string in intl/gettext/loadmsgcat.c, allowing a local attacker to cause Elinks to load an untrusted gettext catalog (.po) from a ../po directory and potentially perform format-string attacks. Multiple connected sources ...

Debian DSA-1213-1 : imagemagick - several vulnerabilities

Several remote vulnerabilities have been discovered in Imagemagick, a collection of image manipulation programs, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-0082 Daniel Kobras discovered that...

DSA-1213 imagemagick

Bulletin has no description...

Debian DSA-1127-1 : ethereal - several vulnerabilities

Several remote vulnerabilities have been discovered in the Ethereal network sniffer, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-3628 Ilja van Sprundel discovered that the FW-1 and MQ dissectors...