Qt library buffer overflow
Buffer overflow on Unicode strings parsing...
Important: Red Hat Security Advisory: qt security update
Updated qt packages that correct two security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for t...
Crlf injection
CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGE_EXPORT_DIRECTORY array in a PE file, which could complicate forensics investigations...
CVE-2007-3946
mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...
DEBIAN-CVE-2007-3946
mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...
CVE-2007-3776
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962...
codeigniter-multi.txt
CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. sanitizeglobals global variables unsetting By setting e.g. "SERVER=anonymous" cookie in the...
fujitsu-primergy-disclose.txt
Advisory: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure. RedTeam Pentesting discovered an information disclosure in the Fujitsu-Siemens BX300 Switch Blade during a penetration test. By accessing URLs of the web interface directly and aborting the authentication dialog, one is...
CVE-2007-3422
The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 attempts to parse query strings that contain (1) non-printing characters, (2) certain printing characters that do not commonly occur in URLs, or (3) invalid URL encoding sequences, which has unknown impact and remote...
CVE-2007-3360
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands...
CVE-2007-2722
Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers to cause a denial of service (application instability) via certain invalid strings in the URL attribute of an ENCLOSURE element, as demonstrated by a "%s" sequence, a "%Y" sequence, a "%%" sequence, and an "n," sequence...
Code injection
Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers to cause a denial of service (application instability) via certain invalid strings in the URL attribute of an ENCLOSURE element, as demonstrated by a "%s" sequence, a "%Y" sequence, a "%%" sequence, and an "n," sequence...
Heap overflow
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML ta...
fenice-overflow.txt
Fedora Core 6 exec-shield based Fenice OMS server (fenice-1.10.tar.gz) remote root exploit by Xpl017Elz. Advanced exploitation in exec-shield (Fedora Core case study). URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference: http://www.securityfocus.com/bid/17678 vendor:...
CVE-2007-2036
The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384...
elinks format string vulnerability
A relative path is used to search for the text strings (.po) file. This makes it possible to spoof the file and to conduct a format string attack...
PHP mail() function invalid characters processing
Unfiltered \r\n and \0 characters allow string injection and header truncation...
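PHP GD extension freed resource access code execution vulnerability
PHP is a widely used web development scripting language. The PHP GD extension contains a design error that a remote attacker may exploit to gain access to freed memory and overwrite it with malicious data, resulting in arbitrary code execution. The problem lies in the GD functions: after the resource data has been obtained through the resource identifier, usercode may interrupt the PHP function. The usercode then destroys the resource and allocates a PHP string of the same size so that it occupies the same memory location as the freed resource. This string can be used to build a specially crafted resource that allows internal PHP functions to be exploited; when the malicious interruption ends, the function continues with the substitute resource data, leading to arbitrary code execution. To obtain the required function interruption, it is usually necessary to place an object in one of the function's parameters, which triggers a PHP error when an overlong value is converted. PHP PHP...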
USN-438-1: Inkscape vulnerability
A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges...