8497 matches found
Typespeed 0.4.1 - Local Format String
// source: https://www.securityfocus.com/bid/12569/info typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation. / Proof of Concept local exploit for typespeed tool "enva" content: include include int mainint argc, char argv char addrptr = NULL;...
security flaw
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
Important: Red Hat Security Advisory: xemacs security update
Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. XEmacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler...
Important: Red Hat Security Advisory: emacs security update
Updated Emacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler...
Emacs, XEmacs: Format string vulnerabilities in movemail
Background GNU Emacs and XEmacs are highly extensible and customizable text editors. movemail is an Emacs utility that can fetch mail on remote mail servers. Description Max Vozeler discovered that the movemail utility contains several format string errors. Impact An attacker could set up a...
GLSA-200501-11 : Dillo: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200501-11 Dillo: Format string vulnerability Gentoo Linux developer Tavis Ormandy found a format string bug in Dillo's handling of messages in aInterfacemsg. Impact : An attacker could craft a malicious web page which, when access...
CVE-2004-1469
The CVE-2004-1469 entry covers a format-string vulnerability in SUS (SUS 2.0.2, and other versions before 2.0.6) where a log() call passing a command line argument to syslog can be exploited by a local user to execute arbitrary code. Affected software is SUS; the underlying issue is a faulty form...
CVE-2004-1484
The CVE-2004-1484 issue affects socat (1.4.0.3 and earlier). It is a format string vulnerability in the _msg function in error.c that can be triggered when socat is used as an HTTP proxy client with the -ly option, enabling remote attackers (or local users) to execute arbitrary code via format st...
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...
CVE-2004-1484
Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...
CVE-2004-1471
CVE-2004-1471 affects CVS: formats-string vulnerability in wrapper.c remote-code path exploited by wrappers, with CVSROOT commit access allowing DoS (crash) and potential code execution. Affected ranges are CVS 1.12.x up to 1.12.8 and 1.11.x up to 1.11.16. OpenVAS/Nessus entries corroborate multi...
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...
CVE-2004-1484
Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...
CVE-2004-1398
Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument...
CVE-2004-1398
CVE-2004-1398 describes a format string vulnerability in prelink.c within kextload on Apple OS X, used by TDIXSupport in Roxio Toast Titanium and possibly other products. The underlying issue arises from format string specifiers in the extension argument, enabling local users to execute arbitrary...
Important: Red Hat Security Advisory: xemacs security update
Updated XEmacs packages that fix a string format issue are now available. XEmacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of XEmacs. If a user connects to a malicious POP server, an...
security flaw
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
Important: Red Hat Security Advisory: emacs security update
Updated Emacs packages that fix a string format issue are now available. Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. If a user connects to a malicious POP server, an...
security flaw
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
CVE-2005-0276
CVE-2005-0276 : The 3Com 3CDaemon 2.0 revision 10 FTP service is affected by multiple format string vulnerabilities in commands (username, cd, delete, rename, rmdir, literal, stat, CWD) that can cause a remote denial of service (application crash). This assessment is based on the NVD description;...