293 matches found
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a...
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials a...
Apple Mac OSX 10.3.7 - mRouter Local Privilege Escalation
Apple Mac OSX 10.3.7 - mRouter Local Privilege Escalation / fm-iSink.c overflow in mRouter, suid binary used by iSync, on OSX include include define VULNPROG "/System/Library/SyncServices/SymbianConduit.bundle/Contents/Resources/ mRouter" define MAXBUFSIZE 4096 char shellcode = // Shellcode by...
[Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple SQL-Injection Vulnerabilities in Powie's PSCRIPT Forum Summary Product Powie's PSCRIPT Forum Version = 1.26 OS affected All with PHP and mySQL Remote Exploit Yes Risk Lvl Medium High Vendor Thomas 'Powie' Erhardt http://www.pscript.de/ Inform...
Multiple XSS Vulnerabilities in Wordpress 1.2
Vendor : Wordpress URL : http://wordpress.org/ Version : Wordpress 1.2 Risk : XSS Description: WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability. ... Go to http://wordpress.org/ for detailed information. Cross Site...
CVE-2002-1064
CVE-2002-1064 affects Jana Server 2.x (up to 2.2.1) and 1.4.6 and earlier. The vulnerability arises because the server generates different responses for valid versus invalid usernames, enabling remote attackers to enumerate valid user accounts. The available documents state the existence and impa...
CVE-2002-1066
The CVE-2002-1066 entry concerns Jana Server (POP3) versions 1.4.6 and earlier. The issue is a buffer overflow caused by a large message index value in the RETR or DELE commands, which exceeds array limits and enables remote denial of service and possible arbitrary code execution. Affected compon...
CVE-2002-1063
CVE-2002-1063 affects Jana Server 2.x (up to 2.2.1) and 1.4.6 and earlier. The vulnerability allows remote attackers to cause a denial of service by issuing a large number of FTP PASV requests, leading to resource exhaustion and exhaustion of available FTP ports. The available connected documents...
CVE-2002-1062
The CVE-2002-1062 issue is a signedness error in Thomas Hauck Jana Server versions 2.x (up to 2.2.1) and 1.4.6 and earlier. It allows remote attackers to execute arbitrary code by sending overly long values for (1) Username, (2) Password, or (3) Hostname. The available documents identify the affe...
CVE-2002-1061
The CVE-2002-1061 entry concerns multiple buffer overflows in Jana Server (JanaServer) 2.x up to 2.2.1 and 1.4.6 and earlier. The root cause is improper handling of excessively long values in protocol responses/requests, notably: (1) long HTTP major version in an HTTP GET, (2) long major version ...
x11amp.txt
Vulnerability: Any user can overwrite any file in the system. title=x11amp ver .70 authors=Mikael Alm, Thomas Nilsson, Olle Hallnas system=any that run this version [email protected] Grampa Elite Overview: To start out with I am pretty sure that I am not the one that has found this...
CVE-1999-0392
Buffer overflow in Thomas Boutell's cgic library version up to 1.05...
CVE-1999-0392
CVE-1999-0392 corresponds to a buffer overflow in Thomas Boutell’s cgic library, affecting versions up to 1.05. The incident is corroborated by multiple connected records (Red Hat CVE entry and PT-1999-1078) that identify the vulnerable component as cgic and specify the affected range up to 1.05....