682 matches found
Remedy for: Remot File Include In phpexplorator_2_0
Best Remedy: Configure a web server authentification for using file phpexplorator.php. Good Remedy: Use phpexplorator.class.php and personalise it like your want see http://sourceforge.net/forum/forum.php?threadid=1664845&forumid=637317 Another remedy: Permute line 4902 with line 4903 like this:...
security flaw
Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line...
security flaw
Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line...
CVE-2006-7038
Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service crash via 1 "long command lines at port 32000" and 2 certain name service queries that are not properly handled by the SMTP service...
Design/Logic Flaw
Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service memory exhaustion and interrupted mail recovery via malformed e-mail header information, possibly related to 1 long subject lines or 2 large numbers of recipients in To or CC headers...
[KAPDA]::Security analysis of cutenews 1.4.5
Product: cutenews 1.4.5 Vendor: http://cutephp.com The Results through security analysis of cutenews 1.4.5 provided by KAPDA.ir -------------------------------------------------- Test plan: Manual penetration testing: YES Using automated tools: NO Code Auditing: YES Statistical Results from...
CVE-2006-5902
viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...
CVE-2006-5902
viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...
Buffer overflow
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via 1 the raydiumlog function in log.c or 2 the raydiumconsolelineadd function in console.c, possibly from a long player name...
DEBIAN-CVE-2006-1905
Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file...
USN-265-1: cairo/Evolution library vulnerability
When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service...
Buffer overflow
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via 1 a long command line argument and 2 a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the...
[Full-disclosure] Symantec Antivirus Library Remote Heap Overflows
Date December 20, 2005 Vulnerability The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec is vulnerable to multiple heap overflows allowing attackers complete control of the systems being protected. These vulnerabilities can be...
Panda Remote Heap Overflow
Date November 29, 2005 Vulnerability The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...
DEBIAN-CVE-2005-3354
Stack-based buffer overflow in the ldifgetline function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines...
CVS malformed entry lines flaw
The remote CVS server, according to its version number, might allow an attacker to execute arbitrary commands on the remote system because of a flaw relating to malformed Entry lines which lead to a missing NULL terminator. Among the issues deemed likely to be exploitable were: - a double-free...
DEBIAN-CVE-2005-2661
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line...
CVE-2004-1475
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via 1 long VideoCD vcd:// MRLs or 2 long subtitle lines...
PT-2005-1282 · Ngircd · Ngircd
Name of the Vulnerable Software and Affected Versions: ngIRCd versions prior to 0.8.2 Description: The issue is caused by an integer underflow in the Lists MakeMask function, which can lead to a denial of service application crash and potentially allow the execution of arbitrary code. This occurs...
Eternal Lines Web Server DoS
Concurrent connections number is limited and timeout is not implemented...