CVE-2011-0901

Multiple stack-based buffer overflows in the tsclaunchremote function src/support.c in Terminal Server Client tsclient 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long 1 username, 2 password, or 3 domain argument. NOTE:...

CVE-2011-0901

The CVE-2011-0901 entry affects Terminal Server Client (tsclient) 0.150 and possibly other versions. The vulnerability is due to multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) that let an attacker supply a crafted .RDP file with long username, password, or...

(0Day) IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Informix Database Server. SQL query execution privileges are required to exploit this vulnerability. The specific flaw exists within the oninit process bound to TCP port 9088 when processing th...

RedHat Update for postgresql RHSA-2011:0197-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Stack overflow

Multiple stack-based buffer overflows in the Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted 1 .wrf or 2 .arf file, related to use of a function pointer in a...

CVE-2010-3270

CVE-2010-3270 covers two WebEx vulnerabilities: a stack-based buffer overflow in Cisco WebEx Meeting Center (polling via .atp) and in WebEx Player-related .wrf/.atp handling. Public writeups (CORE-2010-1001) describe that WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 is suscept...

CVE-2010-4712

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing 1 multiple items separated by ; semicolon characters or 2 crafted string data...

Cisco WebEx .atp and .wrf Overflow Vulnerabilities

Core Security Technologies - Corelabs Advisory Cisco WebEx .atp and .wrf Overflow Vulnerabilities 1. Advisory Information Title: Cisco WebEx .atp and .wrf Overflow Vulnerabilities Advisory ID: CORE-2010-1001 Advisory URL:...

CentOS Update for wireshark CESA-2011:0013 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2010-2777

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...

SuSE 10 Security Update : libxml (ZYPP Patch Number 6482)

This update of libxml does not use pointers after they were freed anymore. CVE-2009-2416 Additionally a stack-based buffer overflow was fixed while parsing the root XML document. CVE-2009-2414 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, In...

SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7303)

This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. The following security issues were fixed : - A local attacker could use a Oops kernel crash caused by other flaws to write a 0 byte to a attacker controlled address in the kernel. This could lea...

[ MDVSA-2011:015 ] pcsc-lite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:015 http://www.mandriva.com/security/ Package : pcsc-lite Date : January 20, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found an...

SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 2553)

This update of IBM Java 6 to Service Request 8 to fixes the following security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unkno...

Mandriva Update for xfig MDVSA-2011:010 (xfig)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-0501

Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long line in a .mamx file...

CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

CVE-2011-0488

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft Web Studio 7.0, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long request to TCP port 8...

CVE-2010-4531

CVE-2010-4531 : PCSC-Lite’s ATRDecodeAtr in the ATR Handler (atrhandler.c) suffers a stack-based buffer overflow. The issue affects pcscd in PCSC-Lite 1.5.3 and possibly other 1.5.x/1.6.x versions, allowing a physically proximate attacker to cause a denial of service and potentially execute arbit...

CVE-2009-5018

Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png...