3348 matches found
CVE-2008-3220
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."...
CVE-2008-3220
CVE-2008-3220 is a CSRF vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 that allows remote attackers to trigger administrative actions via vectors involving deletion of translated strings. The issue arises from inadequate CSRF protection in administrative flows. Exploitation details are...
python repr unicode buffer overflow
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts...
GLSA-200806-06 : Evolution: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200806-06 (Evolution: User-assisted execution of arbitrary code). Alin Rad Pop (Secunia Research) reported two vulnerabilities in Evolution: A boundary error exists when parsing overly long timezone strings contained within iCalendar...
Stack overflow
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings...
CVE-2008-1104
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings...
CVE-2008-1658
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password...
CVE-2008-1384
Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other...
FreeBSD : mplayer -- multiple vulnerabilities (de4d4110-ebce-11dc-ae14-0016179b2dd5)
The Mplayer team reports : A buffer overflow was found in the code used to extract album titles from CDDB server answers. When parsing answers from the CDDB server, the album title is copied into a fixed-size buffer with insufficient size checks, which may cause a buffer overflow. A malicious...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : evolution vulnerability (USN-583-1)
Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution. Note that Tenable Network Security has extracted the preceding...
USN-583-1: Evolution vulnerability
Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution...
Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC
No description provided by source. The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP...
crysis-format.txt
The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP+8 30503270 52 PUSH EDX 30503271 FF...
Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)
The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP+8 30503270 52 PUSH EDX 30503271 FF...
Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)
Crysis 1.1.1.5879 - Remote Format String Denial of Service PoC The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : pcre3 vulnerability (USN-581-1)
It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system into processing a malicious regular expression leading to a denial of service or...
USN-581-1: PCRE vulnerability
It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system into processing a malicious regular expression leading to a denial of service or...
FreeBSD : xfce -- multiple vulnerabilities (024edd06-c933-11dc-810c-0016179b2dd5)
Gentoo reports : A remote attacker could entice a user to install a specially crafted 'rc' file to execute arbitrary code via long strings in the 'Name' and 'Comment' fields or via unspecified vectors involving the second vulnerability...
VB Marketing - 'tseekdir.cgi' Local File Inclusion
source: https://www.securityfocus.com/bid/27475/info VB Marketing is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to include local script code in the context of t...