2516 matches found
PT-2006-2918 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.x up to 0.10.14. Description: The issue is related to multiple buffer overflows that can be triggered remotely, potentially allowing attackers to cause a denial of service (crash) and possibly execute arbitrary code. This ...
security flaw
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...
[SECURITY] [DSA 795-2] Updated i386 proftpd packages fix format string vulnerability
Debian Security Advisory DSA 795-2 [email protected] http://www.debian.org/security/ Michael Stone September 2, 2005 http://www.debian.org/security/faq -...
security flaw
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of t...
GLSA-200507-12 : Bugzilla: Unauthorized access and information disclosure
The remote host is affected by the vulnerability described in GLSA-200507-12 (Bugzilla: Unauthorized access and information disclosure). Bugzilla allows any user to modify the flags of any bug (CAN-2005-2173). Bugzilla inserts bugs into the database before marking them as private, in connection with...
CVE-2005-1997
show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter...
security flaw
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers ...
GLSA-200504-16 : CVS: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-16 (CVS: Multiple vulnerabilities). Alen Zukich has discovered several serious security issues in CVS, including at least one buffer overflow (CAN-2005-0753), memory leaks and a NULL pointer dereferencing error. Furthermore when...
Oracle Trigger Abuse (#NISR2122004I)
NGSSoftware Insight Security Research Advisory Name: Oracle 10g/9i Trigger Abuse Systems Affected: Oracle 10g/9i on all operating systems Severity: High risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...
RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability
RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability AUTHOR: Fortinet, inc Hongzhen Zhou (felixzhou at hotmail dot com) DATE: 14/12/2004 PRODUCTS: RICOH Aficio 450/455 PCL 5e Printer, SAVIN 9945 DPE/2045 DPE. Other RICOH Aficio products or Toshiba printer products? may be vulnerable DETAILS: RICOH...
mpg123 -- buffer overflow in URL handling
Carlos Barros reports that mpg123 contains two buffer overflows. These vulnerabilities can potentially lead to execution of arbitrary code. The first buffer overflow can occur when mpg123 parses a URL with a user-name/password field that is more than 256 characters long. This problem can be...
Oracle 9i - Multiple Vulnerabilities
Oracle 9i - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/10871/info Reportedly, multiple unspecified Oracle products contain multiple unspecified vulnerabilities. The reported vulnerabilities include SQL-injection issues, buffer-overflow issues, and others. There have also...
XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit
Exploit for linux platform in category remote exploits. XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit / X-Chatv1.8.0 - v2.0.8: socks-5 remote buffer overflow exploit. by:...
StarSiege Tribes Server - Denial of Service (2)
StarSiege Tribes Server - Denial of Service (2) source: https://www.securityfocus.com/bid/8184/info StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability. The issue presents itself when the affected server receives and processes a malformed UDP...
HP HP-UX 10.20 IBM AIX 4.1.5 - connect() Denial of Service
HP HP-UX 10.20 IBM AIX 4.1.5 - connect() Denial of Service source: https://www.securityfocus.com/bid/352/info Certain versions of AIX and HP/UX contained a bug in the way the OS handled the connect system call. The connect call is used to initiate a connection on a socket. Because of the flaw in th...