9742 matches found
Buffer overflow
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 have unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINKIN...
openSUSE 10 Security Update : koffice (koffice-2323)
This update fixes a security problem in the OLE import handling for PPT files, where attackers with crafted documents could crash kpresenter and potentially execute code. CVE-2006-6120
Unwanted Access to File System via Import Pages Functionality
Security vulnerability found in Confluence 2.5.6: a space administrator can use the "Import Pages from Disk" feature to browse the server file system by pointing the importer at the "/" folder or any other folder. Because this folder doesn't contain expected files, an error message is displayed,...
DEBIAN-CVE-2007-4153
Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opmlurl parameter to link-import.php. NOTE: this might...
CVE-2007-3678
Stack-based buffer overflow in the MSWord text-import extension (Word 6-2000 Filter.xnt) in QuarkXPress 7.2 for Windows, when using the Rectangle Text Box tool for importing text, allows user-assisted remote attackers to execute arbitrary code via a long font name...
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:144)
A heap overflow flaw was found in the RTF import filter of OpenOffice.org. If a victim were to open a specially crafted RTF file, OpenOffice.org could crash or possibly execute arbitrary code. Updated packages have been patched to prevent the above issues.
Code injection
vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission...
CVE-2007-3599
vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission...
Fedora Core 5 : openoffice.org-2.0.2-5.22.2 (2007-606)
A heap overflow flaw was found in the RTF import filter. An attacker could create a carefully crafted RTF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. CVE-2007-0245 All users of OpenOffice.org are advised to upgrade to these...
Using the telnet method to export and import a forum MySQL database
1. The method presented here mainly applies to VB and other forums. Using telnet, you can export the existing database on the server and then import the data on another server; this way a forum can be migrated between two servers, or an existing forum on the server moved to...
Modifying the import table to create a downloader that penetrates KIS6
Article author: gyzy (E.S.T, www.gyzy.org). Information source: Evil Octal Information Security Team (www.eviloctal.com). This article was published in the February 2007 issue of Hacker Line of Defense. The author and Hacker Line of Defense retain copyright; reproduce...
CVE-2007-0323
Buffer overflow in the SetLanguage function in the Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors...
Research In Motion TeamOn Import Object ActiveX control buffer overflow
Overview: The Research In Motion TeamOn Import Object ActiveX control contains a buffer overflow, which could allow an attacker to execute arbitrary code on a vulnerable system. Description: The Research In Motion TeamOn Import Object is an ActiveX control, which is provided by the file TOImport.dl...
DEBIAN-CVE-2007-1732
Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
WordPress <= 2.1.2 - Cross Site Scripting
Because of this vulnerability in an mt import in wp-admin/admin.php, authenticated administrators can inject arbitrary web script or HTML via the "demo" parameter. Solution: Update WordPress to the latest available version (at least 2.1.3)...
CVE-2006-7147
PHP remote file inclusion vulnerability in includes/functionsmoduser.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter...
CVE-2006-7147
CVE-2006-7147 affects the phpBB Import Tools Mod 0.1.4 and earlier. The vulnerability is a PHP remote file inclusion via the phpbb_root_path parameter, allowing remote attackers to execute arbitrary PHP code. The root cause is insufficient sanitization of the phpbb_root_path input, enabling inclu...
DEBIAN-CVE-2007-1253
Eval injection vulnerability in the (a) kmzImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file...
Open Conference Systems = 2.8.2 Remote File Inclusion
Open Conference Systems = 2.8.2 Remote File Inclusion Download Source : http://pkp.sfu.ca/ocs/download/ocs-1.1.3.tar.gz Found By : TrZiNDaN Location : TurkeY file ; importxml.php bugs ; at -- importxml.php includeonce"$srcdir/patient.inc"; includeonce"$srcdir/acl.inc"; exmp...