344 matches found
CVE-2006-0765
GUI display truncation vulnerability in ICQ Inc. formerly Mirabilis ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
[SECURITY] [DSA 949-1] New crawl packages fix potential group games execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 949-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...
CVE-2005-2686
Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the 1 SITEPath parameter to menudx.php or 2 CONTENTSDir parameter to menusx.php...
Microsoft Word Malformed Document Font Processing Buffer Overflow Vulnerability
Description Microsoft Word is affected by a remote buffer overflow vulnerability. This vulnerability presents itself when a .doc file contains specific malformed input. Upon attempting to read the malformed .doc file, the affected application fails to properly validate data within the file. This...
[SA15827] Adobe Reader / Acrobat Two Vulnerabilities
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
ARPUS/Ce - Local File Overwrite (setuid)
/ Copyright Kevin Finisterre - ripped from my perlex.c DISCLAIMER I am in no way responsible for your stupidity. DISCLAIMER I am in no way liable for any damages caused by compilation and or execution of this code. WARNING DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING WARNING overwriting...
CVE-2004-1391
Untrusted execution path vulnerability in the PPPoE daemon PPPoEd in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program...
CVE-2004-1162
The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the 1 -rshcmd or 2 -sshcmd flags...
CVE-2004-1161
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via 1 rdist -P, 2 rsync, or 3 scp -S...
CVE-2004-1329
Untrusted execution path vulnerability in the diag commands 1 lsmcode, 2 diagexec, 3 invscout, and 4 invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program...
CVE-2004-1885
Ipswitch WSFTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe...
CVE-2004-1391
Untrusted execution path vulnerability in the PPPoE daemon PPPoEd in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program...
CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...
CVE-2004-1161
Removed by vendor...
TC-IDE unfiltered shell characters problem
Shell characters filtering problem on external program execution in multiple utilities...
Debian DSA-097-1 : exim - Uncontrolled program execution
Patrice Fournier discovered a bug in all versions of Exim older than Exim 3.34 and Exim 3.952. The Exim maintainer, Philip Hazel, writes about this issue: 'The problem exists only in the case of a run time configuration which directs or routes an address to a pipe transport without checking the...
Debian DSA-036-1 : Midnight Commander - arbitrary program execution
It has been reported that a local user could tweak Midnight Commander of another user into executing an arbitrary program under the user id of the person running Midnight Commander. This behaviour has been fixed by Andrew V. Samoilov. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian DSA-377-1 : wu-ftpd - insecure program execution
wu-ftpd, an FTP server, implements a feature whereby multiple files can be fetched in the form of a dynamically constructed archive file, such as a tar archive. The names of the files to be included are passed as command line arguments to tar, without protection against them being interpreted as...
QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities
source: https://www.securityfocus.com/bid/11104/info QNX PPPoEd is reported to be prone to multiple local buffer overflow vulnerabilities. The issues presents themselves when PPPoEd handles certain command line arguments that are greater than 256 bytes in length. Because variables that are crucia...
GLSA-200405-18 : Buffer Overflow in Firebird
The remote host is affected by the vulnerability described in GLSA-200405-18 Buffer Overflow in Firebird A buffer overflow exists in three Firebird binaries gdsinetserver, gdslockmgr, and gdsdrop that is exploitable by setting a large value to the INTERBASE environment variable. Impact : An...