atftp 缓冲区错误漏洞

atftp is a client-side implementation of the TFTP protocol. A security vulnerability exists in atftp, which stems from the fact that options.c in atftp reads to the end of an array, thus exposing server-side /etc/group data to a remote client...

CVE-2007-6550

form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter...