CVE-2005-1441

The vulnerability is a format string issue in Lotus Domino Server NRPC (Notes protocol) that allows remote denial of service. Affected products: Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4. Root cause: incorrect handling of format strings in NRPC processing. Impact: remote DoS as descr...

CVE-2005-1401

Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text...

CVE-2005-1441

Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol NRPC...

CVE-2005-1401

Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text...

Mtp-target online game format string bug

Format string bug suring message displying...

Clients format string and server crash in Mtp-Target 1.2.2

Luigi Auriemma Application: Mtp-Target http://www.mtp-target.org Versions: = 1.2.2 Platforms: Windows and Linux Bugs: A clients format string B server crash Exploitation: remote, versus both server and clients Date: 01 May 2005 Author: Luigi Auriemma e-mail: [email protected] web:...

CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...

CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

CVE-2005-1100

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...

CVE-2005-0958

Format string vulnerability in the logdo function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command...

CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2005-0158

Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses...

CVE-2005-0250

Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument...

CVE-2005-0276

Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service application crash via format string specifiers in 1 the username, 2 cd, 3 delete, 4 rename, 5 rmdir, 6 literal, 7 stat, or 8 CWD commands...

CVE-2005-1394

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to 1 wservice or 2 lockmgr...

CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

DEBIAN-CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...

CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2005-0158

Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses...

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message...