2395 matches found
CVE-2008-5028
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests...
CVE-2008-5027
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon...
Security feature bypass
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method...
YourFreeWorld Programs Rating (details.php id) SQL Injection Vulnerability
No description provided by source. Programs Rating (details.php id) Remote SQL Injection Vulnerability. Author: Hussin X. Home: WwW.IQ-TY.CoM. Email: darkangelg85atYahooDoTcom. Script: http://www.yourfreeworld.com/script/rating.php. DorK : ^ Exploit...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command option. NOTE: the severity of this issue has been disputed, but CVE i...
DEBIAN-CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command option. NOTE: the severity of this issue has been disputed, but CVE i...
YourFreeWorld Programs Rating - SQL Injection
Programs Rating (details.php id) Remote SQL Injection Vulnerability. Author: Hussin X. Home: WwW.IQ-TY.CoM. Email: darkangelg85atYahooDoTcom. Script: http://www.yourfreeworld.com/script/rating.php. DorK : ^ Exploit...
CVE-2008-4865
CVE-2008-4865 concerns Valgrind prior to version 3.4.0. The vulnerability is an untrusted search path issue: a Trojan horse named ".valgrindrc" in the current working directory can be read by Valgrind, allowing a local user to influence execution (e.g., via a malicious --db-command). The availabl...
Trend Micro OfficeScan CGI programs POST request buffer overflow
Added: 10/31/2008. CVE: CVE-2008-3862. BID: 31859. OSVDB: 49275. Background: Trend Micro OfficeScan is a centralized virus and security scan management system. Problem: A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...
[SECURITY] Fedora 8 Update: ed-1.1-1.fc8
Ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). For most purposes, ed has been replaced in normal usage by full-screen editors (emacs and vi, for example). Ed was the original UNIX editor, and may be used by some programs. ...
Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself...
Stack overflow
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to...
CVE-2008-4699
Insecure method vulnerability in the ActiveX control PAWWeb11.ocx in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method...
CVE-2008-3466
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS...
CVE-2008-4385
Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs by specifying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll,...