CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...

CVE-2005-0665

The CVE-2005-0665 entry describes a format-string vulnerability in xv (pre-3.10a) that lets remote attackers execute arbitrary code via crafted filenames. Root cause: processing of format specifiers in filenames. Impact: arbitrary code execution on affected xv deployments. Remediation: upgrade to...

CVE-2005-0671

Format string vulnerability in Carsten's 3D Engine Ca3DE, March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command...

GLSA-200503-12 : Hashcash: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200503-12 Hashcash: Format string vulnerability Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address. Impact :...

DEBIAN-CVE-2005-0687

Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header...

Hashcash: Format string vulnerability

Background Hashcash is a utility for generating Hashcash tokens, a proof-of-work system to reduce the impact of spam. Description Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address...

Moderate: Red Hat Security Advisory: mc security update

Updated mc packages that fix multiple security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Midnight Commander mc is a visual shell, much like a file manager. Several format string bugs were found in Midnight...

CVE-2005-0636

Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in the USER command...

CVE-2005-0636

The CVE-2005-0636 entry describes a format string vulnerability in Foxmail Server 2.0, exploitable via remote USER command input over the network. The underlying flaw is in format string handling, allowing denial of service (crash) and potentially arbitrary code execution. Documents do not specif...

RHEL 2.1 : mc (RHSA-2005:217)

Updated mc packages that fix multiple security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Midnight Commander mc is a visual shell, much like a file manager. Several format string bugs were found in Midnight...

USN-90-1: Imagemagick vulnerability

Tavis Ormandy discovered a format string vulnerability in ImageMagick's file name handling. Specially crafted file names could cause a program using ImageMagick to crash, or possibly even cause execution of arbitrary code. Since ImageMagick can be used in custom printing systems, this also might...

CVE-2005-0671

Format string vulnerability in Carsten's 3D Engine Ca3DE, March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command...

foxmail.txt

AUTHOR: Fortinet, inc xouyang PRODUCTS: Foxmail Server. A Mail server for both Windows and linux. AFFECTED VERSION: Foxmail server for windows version 2.0 latest. I've just tested windows server, the linux version may be vulnerable too. Description: Foxmail-the Email client application is the mos...

ca3de - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/12727/info Ca3DE is reported prone to multiple remote vulnerabilities. An attacker can exploit these issues to carry out format string and denial of service attacks. The following specific issues were identified: It is reported that all commands accepted ...

ca3de - Multiple Vulnerabilities

ca3de - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/12727/info Ca3DE is reported prone to multiple remote vulnerabilities. An attacker can exploit these issues to carry out format string and denial of service attacks. The following specific issues were identified: It is...

BidWatcher: Format string vulnerability

Background BidWatcher is a free auction tool for eBay users to keep track of their auctions. Description Ulf Harnhammar discovered a format string vulnerability in "netstuff.cpp". Impact Remote attackers can potentially exploit this vulnerability by sending specially crafted responses via an eBay...

CVE-2004-1006

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702...

IBM AIX auditselect contains format string vulnerability

Overview IBM AIX auditselect command contains a format string vulnerability that may allow a local attacker to execute arbitrary code. Description According to IBM's Command Reference, the syntax and description of the auditselect command are as follows:$ auditselect -e "Expression" | -f File -m...

CVE-2005-0577

Format string vulnerability in DNA MKBold-MKItalic 0.061 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files...

CVE-2005-0577

CVE-2005-0577 affects DNA MKBold-MKItalic up to version 0.06_1. The vulnerability is a format string flaw in the BDF font processing that could allow remote code execution. The OpenVAS and NVD records corroborate the issue; they reference the FreeBSD ports mkbold-mkitalic package as affected. The...