8501 matches found
CVE-2005-0397
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...
CVE-2005-0665
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename...
DEBIAN-CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...
CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...
CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...
CVE-2005-0012
Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...
CVE-2005-0729
Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message...
CVE-2005-0804
Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service application crash via format string specifiers in the mailto field...
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...
CVE-2005-1394
CVE-2005-1394 describes a format-string vulnerability in ESRI ArcInfo Workstation 9.0 where local users can escalate privileges via format string specifiers in the ARCHOME environment variable, affecting components such as wservice and lockmgr . The connected PT-2005-2391 entry confirms product/v...
CVE-2005-1121
Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...
CVE-2005-0770
Format string vulnerability in DataRescue Interactive Disassembler and Debugger IDA Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service CPU consumption or application crash and possibly execute arbitrary code via format string specifiers in a dynamic link library DLL...
DEBIAN-CVE-2005-0012
Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...
DEBIAN-CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...
Mtp-Target 1.2.2 Client - Remote Format String
Mtp-Target 1.2.2 Client - Remote Format String source: https://www.securityfocus.com/bid/13460/info A remote format string vulnerability affects Mtp-Target Client. This issue is due to a failure of the application to securely call a formatted printing function. An attacker may leverage this issue...
KLA10405 ACE vulnerability in Xpand Rally
A format string vulnerability was found in Xpand Rally. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially defined message. Original advisories - Related products Xpand-Rally CVE list CVE-2005-0729 high Solutio...
[SECURITY] [DSA 719-1] New prozilla packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 719-1 [email protected] http://www.debian.org/security/ Martin Schulze April 28th, 2005 http://www.debian.org/security/faq -...
Solaris 10.x - ESRI Arcgis Format String Privilege Escalation
Solaris 10.x - ESRI Arcgis Format String Privilege Escalation / ESRI 9.x Arcgis local root format string exploit Copyright Kevin Finisterre and John H. Bug found by Kevin Finisterre Exploit by John H. We overwrite the thrjmptable Tested on solaris 10 / include include include include include...
ProZilla download manager buffer overflows
Multiple buffer overflows and format string bugs...