7988 matches found
CVE-2007-6125
SQL injection vulnerability in searchform.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sbprotype parameter...
jetaudio-local.txt
!/usr/bin/python jetAudio 7.x m3u File 0day Local SEH Overwrite Exploit Bug discovered by Krystian Kloskowski h07 Tested on: jetAudio 7.0.3 Basic / 2k SP4 Polish Shellcode: Windows Execute Command calc Just for fun ; from struct import pack m3u = "EXTM3U\nhttp://%s" shellcode =...
DEBIAN-CVE-2007-4154
SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the pageoptions parameter to 1 options-general.php, 2 options-writing.php, 3 options-reading.php, 4 options-discussion.php, 5 options-privacy.php, 6...
CVE-2007-2006
Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 login or 2 pass parameter...
PT-2007-2717 · Li · Li-Guestbook
Name of the Vulnerable Software and Affected Versions: LI-Guestbook versions 1.1 through 1.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the country parameter in the guestbook.php file when magic quotes gpc is disabled. Recommendations: For versions 1.1 an...
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie...
SupportSoft ActiveX controls contain multiple buffer overflows
Overview The SupportSoft ActiveX controls contain multiple buffer overflow vulnerabilities, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SupportSoft provides multiple ActiveX packages that are used by third party vendors to...
RHEL 3 / 4 : libgsf (RHSA-2007:0011)
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
CentOS 3 / 4 : libgsf (CESA-2007:0011)
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
DEBIAN-CVE-2007-0262
WordPress 2.0.6, and 2.1Alpha 3 SVN:4662, does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as th...
PT-2007-1215 · Portix · Portix-Php
Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...
libgsf security update
CentOS Errata and Security Advisory CESA-2007:0011 Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and...
Moderate: Red Hat Security Advisory: libgsf security update
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
security flaw
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
DEBIAN-CVE-2007-0107
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7...
LibGSF远程堆溢出漏洞
GNOME Structured File Library是一款勇于读取和写结构文件格式的工具库 GNOME Structured File Library存在堆溢出问题,远程攻击者可以利用漏洞以链接此库的应用程序进程权限执行任意指令。 问题存在于'oleinitinfo'函数中,此函数当分配内存时只分配'numbat'指定的数目大小,当读取文件内容时,'nummetabat'指定的数目用于循环的边界,由于不正确的对变量进行验证,可导致堆溢出,精心构建恶意文件内容。诱使用户解析,可以链接此库的应用程序进程权限执行任意指令。 libgsf libgsf 1.14.1 libgsf libg...
LibGSF程序库远程堆溢出漏洞
GNOME结构化文件库(LibGSF)是用于读写结构化文件格式的工具库。 多家厂商的操作系统中所捆绑的libgsf库的oleinitinfo函数中存在堆溢出漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 在分配内存时oleinitinfo函数仅获得了numbat中所指定数目的空间,然后在读取文件内容时nummetabat中所指定的数目被用作了循环的边界。由于没有充分地验证变量,因此攻击者可能通过诱骗用户打开特制的OLE文档触发堆溢出,导致执行任意指令。 Jody Goldberg libgsf 1.14.1 Jody Goldberg libgsf 1.14 Jody...
iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability
Multiple Vendor libgsf Heap Overflow Vulnerability iDefense Security Advisory 11.30.06 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 30, 2006 I. BACKGROUND The GNOME Structured File Library is a utility library for reading and writing structured file formats. This library replaces...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...