Lucene search
K

2346 matches found

nvd
nvd
added 2005/12/31 5:0 a.m.15 views

CVE-2005-4814

Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory...

7.5CVSS7.5AI score0.01258EPSS
Exploits0References2
ubuntu
ubuntu
added 2005/12/13 12:17 a.m.65 views

USN-222-2: Perl vulnerability

USN-222-1 fixed a vulnerability in the Perl interpreter. It was discovered that the version of USN-222-1 was not sufficient to handle all possible cases of malformed input that could lead to arbitrary code execution, so another update is necessary. Original advisory: Jack Louis of Dyad Security...

4.6CVSS8.6AI score0.01374EPSS
Exploits2
cert
cert
added 2005/12/06 12:0 a.m.33 views

Perl contains an integer sign error in format string processing

Overview The Perl interpreter contains a flaw that may increase the impact of format string vulnerabilities in programs written in Perl. Description Perl is a programming language used in many applications and commonly used for web applications. The Perl interpreter, which interprets and executes...

4.6CVSS8.4AI score0.01374EPSS
Exploits2References2
ubuntu
ubuntu
added 2005/12/02 10:23 p.m.43 views

USN-222-1: Perl vulnerability

Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the...

4.6CVSS8.4AI score0.01374EPSS
Exploits2
nessus
nessus
added 2005/11/02 12:0 a.m.30 views

Mandrake Linux Security Advisory : ruby (MDKSA-2005:191)

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C...

7.5CVSS5.2AI score0.03256EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/10/21 12:0 a.m.34 views

Symantec Norton AntiVirus and another Symantec security products for Macintosh privilege escalation

Norton Antivirus DiskMountNotify suid utility executes external applications by relative name. LiveUpdate contains suid wrapper for Java interpreter without proper command line check...

3.3AI score
Exploits0References3Affected Software5
nessus
nessus
added 2005/10/19 12:0 a.m.33 views

Debian DSA-864-1 : ruby1.8 - programming error

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...

7.5CVSS5.3AI score0.03256EPSS
Exploits0References3
osv
osv
added 2005/10/13 12:0 a.m.14 views

DSA-864-1 ruby1.8 - programming error

Bulletin has no description...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
debian
debian
added 2005/10/11 4:55 a.m.33 views

[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.1AI score0.03256EPSS
Exploits0
osv
osv
added 2005/10/11 12:0 a.m.12 views

DSA-862-1 ruby1.6 - programming error

Bulletin has no description...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
osv
osv
added 2005/10/11 12:0 a.m.17 views

DSA-860-1 ruby - programming error

Bulletin has no description...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
nessus
nessus
added 2005/10/11 12:0 a.m.26 views

Debian DSA-862-1 : ruby1.6 - programming error

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...

7.5CVSS5.3AI score0.03256EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/08/13 12:0 a.m.31 views

[SA16398] PHP Designer 2005 NULL Character File Display Weakness

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

Exploits0
ubuntucve
ubuntucve
added 2005/05/02 4:0 a.m.32 views

CVE-2005-1159

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers ...

7.5CVSS6.1AI score0.02946EPSS
Exploits0References3
redhat
redhat
added 2005/04/22 8:17 p.m.5 views

security flaw

The openexec function in the execve functionality exec.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter PTINTERP functionality...

2.1CVSS5.7AI score0.0081EPSS
Exploits0References4
ubuntu
ubuntu
added 2005/03/24 5:45 p.m.80 views

USN-99-2: Fixed php4 packages for USN-99-1

USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...

10CVSS5.3AI score0.03735EPSS
Exploits0
cve
cve
added 2005/02/13 5:0 a.m.45 views

CVE-2004-1442

CVE-2004-1442 describes a cross-site scripting (XSS) vulnerability in the db2www CGI interpreter of IBM Net.Data 7 and 7.2. The issue allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is mishandled in error messages such as DTWP001E. The provided sources i...

4.3CVSS5.8AI score0.04252EPSS
Exploits1References9Affected Software1
cvelist
cvelist
added 2004/12/31 5:0 a.m.22 views

CVE-2004-1234

loadelfbinary in Linux before 2.4.26 allows local users to cause a denial of service system crash via an ELF binary in which the interpreter is NULL...

5.8AI score0.00542EPSS
Exploits1References17
cve
cve
added 2004/12/31 5:0 a.m.75 views

CVE-2004-1234

The CVE-2004-1234 entry refers to a vulnerability in the Linux kernel where load_elf_binary for ELF binaries with a NULL interpreter can trigger a denial of service (system crash) on local attackers. This affects Linux kernels prior to 2.4.26. The SUSE security page and related OpenVAS/DSA entrie...

2.1CVSS5.8AI score0.00542EPSS
Exploits1References17Affected Software1
redhat
redhat
added 2004/12/23 8:47 p.m.3 views

security flaw

loadelfbinary in Linux before 2.4.26 allows local users to cause a denial of service system crash via an ELF binary in which the interpreter is NULL...

2.1CVSS5.8AI score0.00542EPSS
Exploits1References4
Rows per page
Query Builder