2903 matches found
Stack overflow
Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to...
CVE-2008-4420
Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to...
CVE-2008-4420
CVE-2008-4420 concerns multiple stack-based buffer overflows in DZIP32.DLL (DynaZip Max) and DZIPS32.DLL (DynaZip Max Secure) that are triggered by a long filename in a ZIP archive during actions such as Fix/Repair, Add, Update, or Freshen. The vulnerables are DynaZip components shipped in variou...
Max CMS2. 0beta (maxcms)SQL injection vulnerability-vulnerability warning-the black bar safety net
Author: flyh4t http://bbs.wolvez.org Keywords: home-max CMS2. 0 This system was internally very popular video-on-demand system, before 1. 5 version vulnerability very much, the 2.0 version in terms of security has improved, but still there are loopholes exist. Look at the code \inc\ajax. asp dim...
Max Blog 1.0.6 SQL Injection
Salvatore "drosophila" Fresta Application: Max.Blog http://www.mzbservices.com Version: Max.Blog = 1.0.6 Bug: SQL Injection Exploitation: Remote Dork: intext:"Powered by Max.Blog" Date: 20 Jan 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta e-mail:...
DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net
!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...
DEBIAN-CVE-2008-4867
Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCAMAXFRAMESIZE value...
articlepro-sql.txt
Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : Article Publisher Pro : http://www.phparticlescript.com/ Greetz : Allah , All my freind P0c : http://localhost/contactauthor.php?userid=1+and+1=1 true...
kernel snd_seq_oss_synth_make_info leak
The sndseqosssynthmakeinfo function in sound/core/seq/oss/seqosssynth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by maxsynthdev before returning certain data to the caller, which allows local users to obtain...
kernel snd_seq_oss_synth_make_info leak
The sndseqosssynthmakeinfo function in sound/core/seq/oss/seqosssynth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by maxsynthdev before returning certain data to the caller, which allows local users to obtain...
ruby: integer overflows in rb_ary_fill() / Array#fill
Integer overflow in the rbaryfill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service crash or possibly have unspecified other impact via a call to the Arrayfill method with a start aka beg argument greater than ARYMAXSIZE. NOTE: this...
phpAdsNew cross-site scripting vulnerability
Overview phpAdsNew, an open source web advertising management system, contains a cross-site scripting vulnerability. Note that phpAdsNew is now called "Openads." The products listed below use the same module as phpAdsNew thus they are also affected by the vulnerability. - phpPgAds 2.0.9-pr1 and...
gd: GIF handling buffer overflow
Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with inputcodesize greater than MAXLWZBITS, which triggers an overflow when initializing the table array...
CVE-2008-0373
The CVE-2008-0373 entry describes an unrestricted file upload vulnerability in PHP F1 Max’s File Uploader, enabling remote attackers to upload and execute arbitrary PHP files on the affected server. The underlying issue is improper validation/handling of uploaded files, leading to arbitrary code ...
CVE-2008-0225
Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...
DEBIAN-CVE-2007-6441
The WiMAX dissector in Wireshark formerly Ethereal 0.99.6 allows remote attackers to cause a denial of service crash via unknown vectors related to "unaligned access on some platforms."...
pcre integer overflow
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...
pcre integer overflow
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...
pcre integer overflow
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...
net-snmp remote DoS via udp packet
The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...