Lucene search
K

3643 matches found

Prion
Prion
added 2009/05/26 4:30 p.m.26 views

Design/Logic Flaw

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...

4.3CVSS6.6AI score0.09979EPSS
Exploits7References16Affected Software3
UbuntuCve
UbuntuCve
added 2009/05/26 4:30 p.m.17 views

CVE-2009-1789

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...

4.3CVSS5.9AI score0.08488EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/05/26 4:0 p.m.27 views

CVE-2009-1789

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...

6.2AI score0.08488EPSS
Exploits1References16
RedHat Linux
RedHat Linux
added 2009/05/22 12:21 p.m.5 views

freetype integer overflow

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...

6.8CVSS6.6AI score0.05833EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/05/22 12:6 p.m.3 views

freetype integer overflow

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...

6.8CVSS6.6AI score0.05833EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/04/28 12:0 a.m.22 views

Mandrake Security Advisory MDVSA-2009:093 (mpg123)

The remote host is missing an update to mpg123 announced via advisory MDVSA-2009:093. OpenVAS Vulnerability Test $Id: mdksa2009093.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:093 mpg123 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

10CVSS1.8AI score0.05437EPSS
Exploits0
OSV
OSV
added 2009/04/16 3:12 p.m.2 views

DEBIAN-CVE-2009-1301

Integer signedness error in the storeid3text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service out-of-bounds memory access and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtain...

10CVSS7.6AI score0.05437EPSS
Exploits0References1
OSV
OSV
added 2009/03/31 6:24 p.m.2 views

DEBIAN-CVE-2009-0840

Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header...

10CVSS6.8AI score0.05283EPSS
Exploits2References1
OSV
OSV
added 2009/03/03 4:30 p.m.1 views

DEBIAN-CVE-2008-6393

PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer...

10CVSS8.3AI score0.18201EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.22 views

Fedora Update for squid FEDORA-2007-4170

Check for the Version of squid OpenVAS Vulnerability Test Fedora Update for squid FEDORA-2007-4170 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

5CVSS6.5AI score0.26858EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2009/01/20 3:45 p.m.4 views

dovecot: incorrect handling of negative rights in the ACL plugin

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/11/26 12:0 a.m.22 views

WinComLPD Total Multiple Vulnerabilities

This host is installed with WinComLPD Total and is prone to buffer overflow and authentication bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbwincomlpdtotalmultvuln.nasl 5370 2017-02-20 15:24:26Z cfi $ WinComLPD Total Multiple Vulnerabilities Authors: Chandan S Copyright: Copyright c...

10CVSS0.2AI score0.59668EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2008/10/17 12:0 a.m.43 views

Dovecot ACL Plugin Security Bypass Vulnerabilities

This host has Dovecot ACL Plugin installed and is prone to multiple security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbdovecotmultsecbypassvuln.nasl 5158 2017-02-01 14:53:04Z mime $ Dovecot ACL Plugin Security Bypass Vulnerabilities Authors: Chandan S Copyright: Copyright c 2008...

6.4CVSS0.3AI score0.02328EPSS
Exploits0References2
OSV
OSV
added 2008/10/15 8:8 p.m.3 views

DEBIAN-CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS6.9AI score0.02328EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2008/10/15 8:8 p.m.3 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS5.5AI score0.02328EPSS
Exploits0References18
ATTACKERKB
ATTACKERKB
added 2008/10/15 12:0 a.m.3 views

CVE-2008-4558

Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...

6.8CVSS6.1AI score0.08495EPSS
Exploits1References9
Prion
Prion
added 2008/10/15 12:0 a.m.16 views

Code injection

Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...

6.8CVSS7.8AI score0.08495EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2008/10/15 12:0 a.m.2 views

PT-2008-5795 · Dovecot +1 · Dovecot +1

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 1.1.4 Description: The issue allows attackers to bypass intended access restrictions due to the ACL plugin treating negative access rights as if they are positive access rights. Recommendations: For versions prior to...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References24
OSV
OSV
added 2008/10/15 12:0 a.m.2 views

DEBIAN-CVE-2008-4558

Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...

6.8CVSS8.2AI score0.08495EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2008/10/05 12:0 a.m.46 views

dovecot -- ACL plugin bypass vulnerabilities

Timo Sirainen reports in dovecot 1.1.4 release notes: ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working...

5CVSS6.5AI score0.01679EPSS
Exploits0
Rows per page
Query Builder