8497 matches found
mkbold-mkitalic -- format string vulnerability
The version 0.061 and prior have a format string vulnerability which can be triggered by using a carefully-crafted BDF font file...
CVE-2004-1682
The CVE-2004-1682 entry concerns the QNX 6.1 FTP client, where a format string vulnerability in the QUOTE command can allow remote authenticated users to obtain group bin privileges. The root cause is improper handling of format specifiers in QUOTE, enabling privilege escalation. The provided doc...
CVE-2004-1628
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code...
CVE-2004-1576
Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers to cause a denial of service application crash via format string specifiers in a chat message...
CVE-2004-1628
Removed by vendor...
CVE-2004-1576
CVE-2004-1576 affects Judge Dredd: Dredd vs. Death 1.01 and earlier. The vulnerability is a format string flaw in chat messages, leading to a denial of service (application crash). The provided documents do not specify exploit code, affected versions beyond 1.01 and earlier, or a remediation(patc...
CVE-2004-1628
CVE-2004-1628 affects the rssh project (before 2.2.2). The vulnerability is a format string issue in log.c that can allow remote authenticated users to execute arbitrary code. Exploitation details are not provided in the connected documents beyond the CVE description, but multiple sources (Gentoo...
CVE-2004-1682
Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command...
Bidwatcher eBay watching and bidding tool format string bug
Format string bug on server reply processing...
[ GLSA 200502-26 ] GProFTPD: gprostats format string vulnerability
Gentoo Linux Security Advisory GLSA 200502-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 687-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2005 http://www.debian.org/security/faq -...
gProFTPD ProFTPD FTP server monitoring tool format tring bug
Format string bug during server log file parsing...
CVE-2004-1500
CVE-2004-1500 : A format string vulnerability in the Lithtech engine (used in multiple games) allows remote authenticated users to cause a denial of service (application crash) by supplying format string specifiers in either a nickname or a message. Affected impact is limited to availability (par...
CVE-2005-0484
The CVE-2005-0484 issue is a format-string vulnerability in the gprostats component of GProFTPD, where a crafted filename during an FTP transfer can insert format specifiers into the ProFTPD transfer log and potentially allow remote code execution. Affected systems are GProFTPD with gprostats pri...
CVE-2004-1522
Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service application crash via a nickname that contains format strings...
CVE-2004-1523
CVE-2004-1523 describes a format-string vulnerability in the game console of Hired Team: Trial 2.0 and earlier and 2.200. The flaw allows remote attackers to trigger a denial of service (application crash) by supplying format string specifiers in a message. Affected software is the Hired Team gam...
CVE-2005-0484
Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log...
CVE-2004-1523
Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service application crash via format string specifiers in a message...
CVE-2004-1522
CVE-2004-1522 corresponds to a format-string vulnerability in Army Men RTS 1.0. The flaw allows remote attackers to trigger a denial of service (application crash) by sending a nickname containing format strings. The NVD entry indicates an untreated impact: availability is partially affected; oth...
CVE-2004-1500
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service application crash via format string specifiers in 1 a nickname or 2 a message...