4316 matches found
Input validation
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions...
mplayer -- heap overflow in the ASF demuxer
The Mplayer team reports: A potential buffer overflow was found in the ASF demuxer. Arbitrary remote code execution is possible under the user ID running the player when streaming an ASF file from a malicious server or local code execution under the user ID running the player if a malicious ASF...
Ubuntu 4.10 / 5.04 / 5.10 : curl vulnerability (USN-228-1)
Stefan Esser discovered several buffer overflows in the handling of URLs. By attempting to load an URL with a specially crafted invalid hostname, a local attacker could exploit this to execute arbitrary code with the privileges of the application that uses the cURL library. It is not possible to...
DEBIAN-CVE-2006-0083
Format string vulnerability in the logging code of SMS Server Tools smstools 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors...
CVE-2005-4791
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...
CVE-2005-4790
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 beagle, 2 tomboy, or 3 blam. NOTE: in August 2007, the tomboy vector...
CVE-2005-4681
Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerabilit...
DEBIAN-CVE-2005-4791
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...
PT-2005-5346 · Mirc · Mirc
Name of the Vulnerable Software and Affected Versions: mIRC versions 5.91 through 6.16 Description: A buffer overflow issue allows local users to potentially execute arbitrary code by entering a long string after reaching the DCC Get Folder Dialog. The vendor has disputed this issue, suggesting i...
DEBIAN-CVE-2005-3535
Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors...
CVE-2005-3535
Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors...
Multiple Network-related Vulnerabilities in Electric Sheep
Polytechnic University ISIS Security Advisory PUISIS10212005 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://isis.poly.edu/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -...
CVE-2005-4271
The CVE-2005-4271 entry describes a buffer overflow in the malloc debug system on IBM AIX 5.3 that allows local users to execute arbitrary code. Affected component: AIX 5.3 malloc debug subsystem. Root cause: buffer overflow in the malloc debug mechanism (as per NVD description). Impact: local pr...
CVE-2005-3903
Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S scheme argument that specifies a large file, a different vulnerability than CVE-2001-1063...
CVE-2004-2571
Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...
CVE-2004-2552
Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privileg...
CVE-2004-2552
Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privileg...
iTunes For Windows < 6.0 Local Code Execution
Binary data 3296.prm...
CVE-2005-2120
CVE-2005-2120 is a stack-based buffer overflow in the Windows Plug and Play (PnP) service (UMPNPMGR.DLL) on Windows 2000 SP4 and Windows XP SP1/SP2. The overflow occurs when processing a registry key name containing a large number of backslashes, triggered in wsprintfW, allowing remote or local a...
security flaw
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread...