Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to 1 core/modules/my/my.module.php or 2 core/modules/xml/xml.module.php; the COREROOT parameter to 3 config.loader.php, 4...

CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

USN-435-1: Xine vulnerability

Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges...

Subversion 0.3.71.0.0 - Remote Buffer Overflow

Subversion 0.3.71.0.0 - Remote Buffer Overflow / hoagiesubversion.c Remote exploit against Subversion-Servers. Author: greuff Tested on Subversion 1.0.0 and 0.37 Algorithm: This is a two-stage exploit. The first stage overflows a buffer on the stack and leaves us 60 bytes of machine code to be...