2171 matches found
CVE-2005-1342
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands...
CVE-2005-0574
Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. dot dot sequences in the URL...
CVE-2005-0927
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences...
CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...
DEBIAN-CVE-2005-0437
Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. dot dot sequences in the loadplugin parameter...
DEBIAN-CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...
CVE-2005-0450
Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing 1 .. dot dot or 2 "%2e%2e" encoded dot dot sequences...
CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...
CVE-2005-1308
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...
CVE-2005-1308
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...
CVE-2005-1308
CVE-2005-1308 affects SqWebMail. The vulnerability arises from CRLF sequence handling in the redirect parameter, enabling remote injection of arbitrary HTML/script and likely XSS. Impact described across sources includes attacker-controlled script execution in users’ browsers and potential sessio...
CVE-2004-1488
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code...
CVE-2005-1308
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...
CVE-2005-1308
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...
CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...
BOA Web server directory traversal
Directory traversal by using ESC sequences /2E2E/ allows to access any system file...
security flaw
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service crash or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value...
PT-2005-1333 · Biborb · Biborb
Name of the Vulnerable Software and Affected Versions: BibORB versions 1.3.2 and earlier Description: The issue allows remote attackers to delete arbitrary files via a Delete action and .. dot dot sequences in the database name parameter in index.php. Recommendations: For BibORB versions 1.3.2 an...
HP-UX PHSS_29735 : s700_800 11.11 CDE Base Periodic Patch
s700800 11.11 CDE Base Periodic Patch : The remote HP-UX host is affected by multiple vulnerabilities : - Certain dtterm escape sequences have the potential to be misused. HPSBUX00309 SSRT3507 - A potential buffer overflow exists in a function called by the suid root program dtmailpr. HPSBUX00300...
HP-UX PHSS_30167 : s700_800 11.04 (VVOS) CDE Runtime Patch
s700800 11.04 VVOS CDE Runtime Patch : The remote HP-UX host is affected by multiple vulnerabilities : - CDE libDtHelp has a potential buffer overflow. HPSBUX00297 SSRT3657 - Certain dtterm escape sequences have the potential to be misused. HPSBUX00309 SSRT3507 - There is a buffer overflow in...