Buffer overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by...
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tzenv.class. NOTE: some of these details are obtained...
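CA Internet Security Suite UmxEventCli.dll control insecure function call vulnerability
CA Internet Security Suite is a comprehensive network security solution for home users. The UmxEventCli.CachedAuditDataList.1 ActiveX control (UmxEventCli.dll) provided by Internet Security Suite does not call the SaveToFile function safely; if a user is tricked into visiting a malicious web page, arbitrary files on the system can be overwritten and corrupted with the privileges of the currently logged-in user. Computer Associates Internet Security Suite 2008 Computer Associates ...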
Input validation
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...
CVE-2008-1898
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service browser crash via an invalid WksPictureInterface property value, which triggers an improper...
GLSA-200801-17 : Netkit FTP Server: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200801-17 Netkit FTP Server: Denial of Service Venustech AD-LAB discovered that an FTP client connected to a vulnerable server with passive mode and SSL support can trigger an fclose function call on an uninitialized stream in...
Directory traversal
Directory traversal vulnerability in payments/idealprocess.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed ...
Buffer overflow
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call...
Code injection
inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows remote attackers to execute arbitrary programs via the exifprog parameter, which is specified in an exec function call...
GLSA-200708-17 : Opera: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine (CVE-2007-4367). Furthermore, iDefense Labs reported that an already-freed...
CVE-2007-4367
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."...
a specially crafted JavaScript can make Opera execute arbitrary code
A virtual function call on an invalid pointer that may reference data crafted by the attacker can be used to execute arbitrary code...
Code injection
index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via shell metacharacters in an exec function call. NOTE: some sources have referred to this as eval injection in the param parameter, but CVE source inspection suggests that this is erroneous...
chmlib library memory corruption
Value from file is used directly in alloca function call...
CVE-2007-0134
Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1...
SQL injection
Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1...
FreeBSD : opera -- multiple vulnerabilities (78ad2525-9d0c-11db-a5f6-000c6ec775d9)
iDefense reports : The vulnerability specifically exists due to Opera improperly processing a JPEG DHT marker. The DHT marker is used to define a Huffman Table which is used for decoding the image data. An invalid number of index bytes in the DHT marker will trigger a heap overflow with partially...
CVE-2006-5185
Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the doparsecode function...
CVE-2006-3693
Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call...
Format string
Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via unspecified vectors that are not properly handled in a syslog function call...