CVE-2005-0262

Buffer overflow in iplvaryon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument...

CVE-2004-0982

Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ at sign in a URL...

CVE-2004-1131

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments...

CVE-2003-1057

Unknown vulnerability in CDE Print Viewer dtprintinfo for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code...

security flaw

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message...

DEBIAN-CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2004-0884

The 1 libsasl and 2 libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASLPATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASLPATH to point to malicious programs...

CVE-2005-0121

Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via 1 a long map name command line argument or 2 a long username as recorded in the USER environment variable...

CVE-2004-1372

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via 1 a long third argument to the rec2xml function or 2 a long filename argument to the generatedistfile procedure...

security flaw

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

CVE-2005-0117

Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field...

CVE-2005-0117

Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field...

DEBIAN-CVE-2004-1076

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file...

CVE-2004-1330

Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username...

CVE-2004-2269

Stack-based buffer overflow in pads.c in Passive Asset Detection System Pads might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability...

CVE-2004-2013

Integer overflow in the SCTPSOCKOPTDEBUGNAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory...

CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

DEBIAN-CVE-2004-1484

Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...