Lucene search
K

682 matches found

securityvulns
securityvulns
added 2007/05/22 12:0 a.m.50 views

Remedy for: Remot File Include In phpexplorator_2_0

Best Remedy: Configure a web server authentification for using file phpexplorator.php. Good Remedy: Use phpexplorator.class.php and personalise it like your want see http://sourceforge.net/forum/forum.php?threadid=1664845&forumid=637317 Another remedy: Permute line 4902 with line 4903 like this:...

0.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/03/14 12:24 a.m.4 views

security flaw

Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line...

9.3CVSS6.5AI score0.04691EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/03/02 6:27 p.m.4 views

security flaw

Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line...

9.3CVSS6.5AI score0.04691EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/02/23 1:0 a.m.20 views

CVE-2006-7038

Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service crash via 1 "long command lines at port 32000" and 2 certain name service queries that are not properly handled by the SMTP service...

7AI score0.01875EPSS
Exploits0References5
Prion
Prion
added 2006/12/31 5:0 a.m.19 views

Design/Logic Flaw

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service memory exhaustion and interrupted mail recovery via malformed e-mail header information, possibly related to 1 long subject lines or 2 large numbers of recipients in To or CC headers...

4.3CVSS7AI score0.30805EPSS
Exploits0References13Affected Software2
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.36 views

[KAPDA]::Security analysis of cutenews 1.4.5

Product: cutenews 1.4.5 Vendor: http://cutephp.com The Results through security analysis of cutenews 1.4.5 provided by KAPDA.ir -------------------------------------------------- Test plan: Manual penetration testing: YES Using automated tools: NO Code Auditing: YES Statistical Results from...

6.2AI score
Exploits0
NVD
NVD
added 2006/11/15 3:7 p.m.15 views

CVE-2006-5902

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/11/15 3:0 p.m.21 views

CVE-2006-5902

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...

6.7AI score0.01262EPSS
Exploits0References1
Prion
Prion
added 2006/05/16 10:2 a.m.14 views

Buffer overflow

Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via 1 the raydiumlog function in log.c or 2 the raydiumconsolelineadd function in console.c, possibly from a long player name...

7.5CVSS8.5AI score0.06031EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2006/04/20 10:2 a.m.1 views

DEBIAN-CVE-2006-1905

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file...

7.5CVSS8.1AI score0.14259EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2006/03/23 10:44 p.m.56 views

USN-265-1: cairo/Evolution library vulnerability

When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service...

5CVSS5.7AI score0.10765EPSS
Exploits1
Prion
Prion
added 2006/03/09 12:2 a.m.19 views

Buffer overflow

Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via 1 a long command line argument and 2 a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the...

7.2CVSS7.5AI score0.00526EPSS
Exploits1References14Affected Software1
securityvulns
securityvulns
added 2005/12/20 12:0 a.m.27 views

[Full-disclosure] Symantec Antivirus Library Remote Heap Overflows

Date December 20, 2005 Vulnerability The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec is vulnerable to multiple heap overflows allowing attackers complete control of the systems being protected. These vulnerabilities can be...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2005/12/01 12:0 a.m.36 views

Panda Remote Heap Overflow

Date November 29, 2005 Vulnerability The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...

2.8AI score
Exploits0
OSV
OSV
added 2005/11/20 9:3 p.m.0 views

DEBIAN-CVE-2005-3354

Stack-based buffer overflow in the ldifgetline function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines...

5.1CVSS7.6AI score0.03788EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.31 views

CVS malformed entry lines flaw

The remote CVS server, according to its version number, might allow an attacker to execute arbitrary commands on the remote system because of a flaw relating to malformed Entry lines which lead to a missing NULL terminator. Among the issues deemed likely to be exploitable were: - a double-free...

10CVSS0.6AI score0.13206EPSS
Exploits0References1
OSV
OSV
added 2005/10/14 10:2 a.m.1 views

DEBIAN-CVE-2005-2661

Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line...

7.5CVSS7.9AI score0.12112EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/02/13 5:0 a.m.30 views

CVE-2004-1475

Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via 1 long VideoCD vcd:// MRLs or 2 long subtitle lines...

7.4AI score0.08374EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2005/02/06 12:0 a.m.4 views

PT-2005-1282 · Ngircd · Ngircd

Name of the Vulnerable Software and Affected Versions: ngIRCd versions prior to 0.8.2 Description: The issue is caused by an integer underflow in the Lists MakeMask function, which can lead to a denial of service application crash and potentially allow the execution of arbitrary code. This occurs...

9.8CVSS6.9AI score0.18767EPSS
Exploits1References10
securityvulns
securityvulns
added 2005/02/02 12:0 a.m.25 views

Eternal Lines Web Server DoS

Concurrent connections number is limited and timeout is not implemented...

1.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder