CVE-2007-4273

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the 1 OSSEMEMDBG or 2 TRCLOGFILE environment variable in db2licd...

Design/Logic Flaw

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

CVE-2007-3508

Integer overflow in the processenvvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LDHWCAPMASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution...

DEBIAN-CVE-2007-1320

Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty...

VCDGear 3.56 Build 050213 - FILE Local Code Execution

VCDGear 3.56 Build 050213 - FILE Local Code Execution / 0day Discovered by: InTeL Auther: InTeL Attack Vector: SEH overwrite Type: Local Tested on Win2k SP4 English Software: VCDGear v3.56 build 050213 Website: www.vcdgear.com Description: "VCDGear is a program designed to allow a user to extract...

VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution

/ 0day Discovered by: InTeL Auther: InTeL Attack Vector: SEH overwrite Type: Local Tested on Win2k SP4 English Software: VCDGear v3.56 build 050213 Website: www.vcdgear.com Description: "VCDGear is a program designed to allow a user to extract MPEG streams from CD images, convert VCD files to MPE...

CVE-2006-4250

Buffer overflow in man and mandb man-db 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag...

p5-Imager -- possibly exploitable buffer overflow

Imager 0.56 and all earlier versions with BMP support have a security issue when reading compressed 8-bit per pixel BMP files where either a compressed run of data or a literal run of data overflows the scan-line. Such an overflow causes a buffer overflow in a malloc allocated memory buffer,...

PT-2007-2879 · Libftp +1 · Libftp +1

Name of the Vulnerable Software and Affected Versions: LIBFtp version 3.1-1 Description: A buffer overflow issue exists in the set umask function in QFTP, allowing local users to potentially execute arbitrary code via a long -m argument. However, it is noted that QFTP is not setuid, and it is...

PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit

Exploit for linux platform in category local exploits ================================================================== PHP 4.4.5 / 5.2.1 shmop Functions Local Code Execution Exploit ================================================================== ?php...

PHP &lt; 4.4.5/5.2.1 - &#039;shmop&#039; Local Code Execution

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

PHP 4.4.55.2.1 - shmop Local Code Execution

PHP 4.4.55.2.1 - shmop Local Code Execution ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the...

security flaw

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

security flaw

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

security flaw

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

security flaw

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data...

CVE-2006-6101

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data...

CVE-2006-6102

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6101

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data...