Lucene search
K

5412 matches found

securityvulns
securityvulns
added 2006/06/02 12:0 a.m.43 views

[SA20376] Firefox Multiple Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

1.5AI score
Exploits0
Mozilla
Mozilla
added 2006/06/01 12:0 a.m.30 views

Web site XSS using BOM on UTF-8 pages — Mozilla

Masatoshi Kimura reports that the Unicode Byte-order-Mark BOM is stripped from UTF-8 pages during the conversion to Unicode before the parser sees the web page. As a result the parser will see and process script tags that web input sanitizers may miss because they appear as "scrBOMipt" or similar...

4.3CVSS1AI score0.0167EPSS
Exploits0References2Affected Software3
myhack58
myhack58
added 2006/05/31 12:0 a.m.21 views

ASP database plug horse small conference-vulnerability warning-the black bar safety net

lake2 ( http://lake2.0x54.org ) With the development of technology, ASP database plug horse also is not what fresh stuff, believe you played this. Oh, and that you have not met insert the asp code is spaces apart case? i.e. insertion of each of the characters between the There are spaces for? Now...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2006/05/30 4:11 p.m.90 views

MS05-017 Microsoft Message Queueing Service Path Overflow

This module exploits a stack buffer overflow in the RPC interface to the Microsoft Message Queueing service. The offset to the return address changes based on the length of the system hostname, so this must be provided via the 'HNAME' option. Much thanks to snort.org and Jean-Baptiste Marchand's...

10CVSS7.3AI score0.76803EPSS
Exploits10
myhack58
myhack58
added 2006/05/14 12:0 a.m.16 views

ASP database plug horse small conference-vulnerability warning-the black bar safety net

With the development of technology, ASP database plug horse also is not what fresh stuff, believe you played this. Oh, and that you have not met insert the asp code is spaces apart case? i.e. insertion of each of the characters between the There are spaces for? Now, let us to solve this problem...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.44 views

FreeBSD : bogofilter -- heap corruption through malformed input (92140bc9-7bde-11da-8ec4-0002b3b60e4c)

Matthias Andree reports : When using Unicode databases default in more recent bogofilter installations, upon encountering invalid input sequences, bogofilter or bogolexer could overrun a malloc'd buffer, corrupting the heap, while converting character sets. Bogofilter would usually be processing...

7.5CVSS5.4AI score0.05512EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.13 views

FreeBSD : rxvt-unicode -- restore permissions on tty devices (c2fdb3bc-7d72-11da-b96e-000fb586ba73)

A rxvt-unicode changelog reports : SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable likely in original rxvt, too, and were not restored properly. Affected are only systems where non-unix ptys were...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.30 views

FreeBSD : firefox & mozilla -- multiple vulnerabilities (8f5dd74b-2c61-11da-a263-0001020eed82)

A Mozilla Foundation Security Advisory reports of multiple issues : Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to...

7.5CVSS6.6AI score0.0686EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/05/09 12:0 a.m.18 views

JVN#84775942 Multiple email clients vulnerable to directory traversal due to inappropriate unicode handling

Impact Actual impact could differ depending on the email clients though, an attacker coulld possibly forge a file name or a email client could handle a file inappropriately which may result in a file being overwritten or an arbitray file being created and saved in an arbitrary directory. Solution...

7.2AI score
Exploits0
NVD
NVD
added 2006/05/04 12:38 p.m.13 views

CVE-2006-2170

Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer...

6.4CVSS7.9AI score0.053EPSS
Exploits1References9
Prion
Prion
added 2006/05/04 12:38 p.m.14 views

Buffer overflow

Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer...

6.4CVSS8.3AI score0.053EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2006/05/04 10:0 a.m.17 views

CVE-2006-2170

Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer...

7.9AI score0.053EPSS
Exploits1References9
CVE
CVE
added 2006/05/04 10:0 a.m.42 views

CVE-2006-2170

CVE-2006-2170 affects ArgoSoft FTP Server 1.4.3.6. A buffer overflow is triggered by Unicode in the RNTO command, allowing remote attackers to execute arbitrary code. Exploitation was demonstrated by the Infigo FTPStress Fuzzer. The CVSS base score is 6.4 (Medium) with network access, low attack ...

6.4CVSS7.9AI score0.053EPSS
Exploits1References9Affected Software1
Prion
Prion
added 2006/04/26 12:6 a.m.23 views

Buffer overflow

Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when...

6.5CVSS8.1AI score0.0386EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2006/04/26 12:6 a.m.25 views

CVE-2006-2027

Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when...

6.5CVSS7.7AI score0.0386EPSS
Exploits0References4
CVE
CVE
added 2006/04/26 12:0 a.m.57 views

CVE-2006-2027

CVE-2006-2027 describes a buffer overflow in Unicode processing within the logging functionality of Pablo Software Solutions Quick 'n Easy FTP Server (Professional and Lite, probably v3.0). The flaw could allow remote authenticated users to execute arbitrary code by sending a command with a long ...

6.5CVSS7.8AI score0.0386EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/04/26 12:0 a.m.28 views

CVE-2006-2027

Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when...

7.7AI score0.0386EPSS
Exploits0References4
securityvulns
securityvulns
added 2006/04/25 12:0 a.m.42 views

Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow

IHS Iran Homeland Security Public advisory by : c0d3r "Kaveh Razavi" [email protected] Title : Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow information : Quick 'n Easy FTP Server is a simple and handy FTP server which is developed by Pablo van der Meer . there is a unicode...

Exploits0
NVD
NVD
added 2006/04/12 12:2 a.m.27 views

CVE-2006-0014

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...

5.1CVSS7.6AI score0.23875EPSS
Exploits0References17
Prion
Prion
added 2006/04/12 12:2 a.m.18 views

Buffer overflow

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...

5.1CVSS8AI score0.23875EPSS
Exploits0References17Affected Software1
Rows per page
Query Builder