5314 matches found
CVE-2008-1808
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow...
CVE-2008-1808
CVE-2008-1808 : Multiple off-by-one errors in FreeType2 up to version 2.3.5 (pre-2.3.6) can be triggered by a crafted table in a Printer Font Binary (PFB) file or a crafted SHC instruction in a TrueType Font (TTF) file, leading to a heap-based buffer overflow and potential arbitrary code executio...
WebChamado 1.1 Arbitrary Add Admin Exploit
No description provided by source. #!/usr/bin/perl WebChamado 1.1 Arbitrary Add Admin Exploit. CWH Underground Hacking Team...
DEBIAN-CVE-2008-2654
Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...
CVE-2008-2654
Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...
FreeType 2 -- Multiple Vulnerabilities
Secunia reports: An integer overflow error exists in the processing of PFB font files. This can be exploited to cause a heap-based buffer overflow via a PFB file containing a specially crafted "Private" dictionary table. An error in the processing of PFB font files can be exploited to trigger the...
CVE-2008-2388
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...
Code injection
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...
CVE-2008-2388
CVE-2008-2388 affects opensuse-updater in openSUSE 10.2. The vulnerability is described as multiple off-by-one errors in the updater component, with the impact and attack vectors stated as unspecified. The vendor notes these “can be considered no security problem,” and no concrete exploitation de...
openSUSE 10 Security Update : opensuse-updater (opensuse-updater-5262)
This update fixes a symlink problem and two off-by-one vulnerabilities. The overflows can be considered no security problem but the symlink flaw could be used by local users to gain unauthorized access to information like passwords. (C) Tenable Network Security, Inc. The...
libbind off-by-one buffer overflow
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption...
python off-by-one locale.strxfrm() (possible memory disclosure)
Off-by-one error in the PyLocale_strxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...
CVE-2003-1557
CVE-2003-1557 affects SpamAssassin spamc (versions 2.40–2.43). An off-by-one buffer overflow in BSMTP mode (-B) allows remote attackers to trigger arbitrary code execution via email headers starting with a leading "." character. Multiple connected sources (Red Hat, Debian, CVE listings, OSV, NVD)...
TopperMod 2.0 - SQL Injection
Author: GiReX mySite: girex.altervista.org CMS: TopperMod v2.0 Site: rtcw.ch/mio/index.php Bug: SQL Injection Type: 1 - Privilege Escalation from user to mod 2 - Remote user password change File: /account/index.php Var : $localita Need: magic_quotes_gpc = Off You must be logged in Vuln Code:...
EasyGallery 5.0tr - Multiple Vulnerabilities
Spanish Hackers Team www.spanish-hackers.com. EasyGallery "alert"JosS + Cross Site Scripting: Vuln File: index.php Exploit: http://localhost/PATH/staticpages/easygallery/index.php?help=about&q=XSS Example: %22+onmouseover=alert"JosS"+...
EasyGallery 5.0tr - Multiple Vulnerabilities
EasyGallery 5.0tr - Multiple Vulnerabilities. Spanish Hackers Team www.spanish-hackers.com. EasyGallery "alert"JosS + Cross Site Scripting: Vuln File: index.php Exploit: http://localhost/PATH/staticpages/easygallery/index.php?help=about&q=XSS...
EasyCalendar 4.0tr - Multiple Vulnerabilities
EasyCalendar 4.0tr - Multiple Vulnerabilities. Spanish Hackers Team www.spanish-hackers.com. EasyCalendar 'alert"JosS"%3B...
openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-5054)
This update of openssl fixes an off-by-one buffer overflow in function SSL_get_shared_ciphers. This vulnerability potentially allows remote code execution, depending on memory layout of the process. (CVE-2007-5135) We released updates for openssl already, but an update for the compat 0.9.7g openssl...