CVE-2002-2396

This CVE (CVE-2002-2396) affects Advanced TFTP (atftp) versions 0.5 and 0.6. The vulnerability is a buffer overflow in code that runs when atftp is installed with setuid or setgid, allowing a local user to potentially execute arbitrary code via a long argument to the -g option. Root cause is a bu...

CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...

CVE-2007-5729

The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used...

CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...

DEBIAN-CVE-2007-5729

The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used...

DEBIAN-CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...

CVE-2007-5730

CVE-2007-5730 : Heap-based buffer overflow in QEMU 0.8.2 (used by Xen and possibly other products) allows local users to execute arbitrary code via crafted data in the net socket listen option. The MiracleLinux AXSA advisories list this CVE among issues affecting Xen-related components and, in up...

CVE-2003-1426

Openwebmail in cPanel 5.0 (when run with suid Perl) writes the SCRIPT_FILENAME directory into Perl's @INC, enabling local users to run arbitrary code by pointing SCRIPT_FILENAME to a directory containing a malicious openwebmail-shared.pl. This CVE (CVE-2003-1426) describes a local-privilege-vecto...

CVE-2007-5358

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...

DEBIAN-CVE-2007-5358

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...

CVE-2007-5358

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...

CVE-2004-2729

Technical details about CVE-2004-2729 are not publicly available in the provided documents. Monitor for updates from official advisories for affected versions and impact.

X.org composite extension buffer overflow

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap...

CVE-2007-4273

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the 1 OSSEMEMDBG or 2 TRCLOGFILE environment variable in db2licd...

Design/Logic Flaw

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

CVE-2007-3508

Integer overflow in the processenvvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LDHWCAPMASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution...

DEBIAN-CVE-2007-1320

Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty...

VCDGear 3.56 Build 050213 - FILE Local Code Execution

VCDGear 3.56 Build 050213 - FILE Local Code Execution / 0day Discovered by: InTeL Auther: InTeL Attack Vector: SEH overwrite Type: Local Tested on Win2k SP4 English Software: VCDGear v3.56 build 050213 Website: www.vcdgear.com Description: "VCDGear is a program designed to allow a user to extract...

VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution

/ 0day Discovered by: InTeL Auther: InTeL Attack Vector: SEH overwrite Type: Local Tested on Win2k SP4 English Software: VCDGear v3.56 build 050213 Website: www.vcdgear.com Description: "VCDGear is a program designed to allow a user to extract MPEG streams from CD images, convert VCD files to MPE...

CVE-2006-4250

Buffer overflow in man and mandb man-db 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag...