Lucene search

5410 matches found

Japan Vulnerability Notes
added 2008/05/20 3:00 p.m., 1 view

Multiple email clients vulnerable to directory traversal due to inappropriate unicode handling

Overview: Some email clients contain a vulnerability when handling an attached file with a file name using Unicode. This may result in a directory traversal attack or in a file name being displayed differently from the actual file name. Impact: Actual impact could differ depending on the email clients thoug...

CVSS: 5 | AI score: 7
Exploits: 0 | References: 4

Japan Vulnerability Notes
added 2008/05/20 3:00 p.m., 3 views

Cross-site scripting vulnerability in the Unicode version of msearch

Overview The Unicode version of msearch, a full text search engine for websites, contains a cross-site scripting vulnerability. This problem is caused by a function added to the Unicode version of msearch. Impact A malicious script may be executed on the user's web browser. Solution None...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.00948
Exploits: 0 | References: 4

RedHat Linux
added 2008/05/20 2:15 p.m., 3 views

python repr unicode buffer overflow

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.05063
Exploits: 0 | References: 4

Tenable Nessus
added 2008/05/09 12:00 a.m., 26 views

GLSA-200805-03 : Multiple X11 terminals: Local privilege escalation

The remote host is affected by the vulnerability described in GLSA-200805-03 Multiple X11 terminals: Local privilege escalation Bernhard R. Link discovered that RXVT opens a terminal on :0 if the '-display' option is not specified and the DISPLAY environment variable is not set. Further research ...

CVSS: 6.9 | AI score: 5.5 | EPSS: 0.00363
Exploits: 1 | References: 3

securityvulns
added 2008/05/08 12:00 a.m., 47 views

[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation

Gentoo Linux Security Advisory GLSA 200805-03 http://security.gentoo.org/ Severity:...

CVSS: 6.9 | AI score: 8.3 | EPSS: 0.00363
Exploits: 1

Tenable Nessus
added 2008/05/01 12:00 a.m., 22 views

Fedora 7 : perl-5.8.8-29.fc7 (2008-3399)

Tue Apr 29 2008 Marcela Maslanova - 4:5.8.8-29 - CVE-2008-1927 buffer overflow, when unicode character is used. - Thu Jan 31 2008 Tom 'spot' Callaway - 4:5.8.8-28 - create /usr/lib/perl5/vendorperl/5.8.8/auto and own it in base perl resolves bugzilla 214580 - Mon Nov 26 2007 Tom 'spot' Callaway -...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.0483
Exploits: 2 | References: 3

OpenVAS
added 2008/04/30 12:00 a.m., 16 views

Debian Security Advisory DSA 1556-2 (perl)

The remote host is missing an update to perl announced via advisory DSA 1556-2. OpenVAS Vulnerability Test $Id: deb15562.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1556-2 perl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS: 5 | AI score: 7.5 | EPSS: 0.03153
Exploits: 1

OpenVAS
added 2008/04/30 12:00 a.m., 13 views

Debian Security Advisory DSA 1556-1 (perl)

The remote host is missing an update to perl announced via advisory DSA 1556-1. OpenVAS Vulnerability Test $Id: deb15561.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1556-1 perl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS: 5 | EPSS: 0.03153
Exploits: 1

OpenVAS
added 2008/04/30 12:00 a.m., 11 views

Debian Security Advisory DSA 1556-1 (perl)

The remote host is missing an update to perl announced via advisory DSA 1556-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS: 5 | AI score: 7.5 | EPSS: 0.03153
Exploits: 1 | References: 1

Tenable Nessus
added 2008/04/28 12:00 a.m., 31 views

Debian DSA-1556-2 : perl - heap buffer overflow

It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When...

CVSS: 5 | AI score: 6.1 | EPSS: 0.03153
Exploits: 1 | References: 3

securityvulns
added 2008/04/25 12:00 a.m., 77 views

[SECURITY] [DSA 1556-1] New perl packages fix denial of service

Debian Security Advisory DSA-1556-1 [email protected] http://www.debian.org/security/ Florian Weimer April 24, 2008 http://www.debian.org/security/faq ...

CVSS: 5 | AI score: 0.3 | EPSS: 0.03153
Exploits: 1

seebug.org
added 2008/04/24 12:00 a.m., 10 views

DivX Player 6.7 SRT File Subtitle Parsing Buffer Overflow Exploit

No description provided by source. // Exploit.cpp : Defines the entry point for the console application. // include "stdafx.h" / DivX Player =6.7 srt subtitle parsing exploit Coded by [email protected] Tested on Windows XP SP2 + DivX Player 6.7.0...

AI score: 7.1
Exploits: 0

OSV
added 2008/04/24 12:00 a.m., 36 views

DSA-1556-2 perl - denial of service

Bulletin has no description...

CVSS: 5 | AI score: 7.4 | EPSS: 0.03153
Exploits: 1

Exploit DB
added 2008/04/24 12:00 a.m., 27 views

DivX Player 6.7 - '.srt' File Subtitle Parsing Buffer Overflow

// Exploit.cpp : Defines the entry point for the console application. // include "stdafx.h" / DivX Player =6.7 srt subtitle parsing exploit Coded by [email protected] Tested on Windows XP SP2 + DivX Player 6.7.0 Credit to securfrog for his PoC Actually this exploit is not relevant to DivX 6.6....

AI score: 7.4
Exploits: 0

Packet Storm
added 2008/04/18 12:00 a.m., 25 views

divx66.py.txt

!/usr/bin/python DivX 6.6 SRT SEH overwrite PoC Tested on XP SP2 Coded by Mati Aharoni, aka muts and Chris Hadnagy, aka loganWHD muts..at..offensive-security...dot..com chris..at..offensive-security...dot..com http://www.offensive-security.com/0day/divx66.py.txt Notes: Unicode buffer - real pita...

AI score: 7.4
Exploits: 0

exploitpack
added 2008/04/18 12:00 a.m., 14 views

DivX Player 6.6.0 - .srt File Buffer Overflow (SEH)

DivX Player 6.6.0 - .srt File Buffer Overflow SEH !/usr/bin/python DivX 6.6 SRT SEH overwrite PoC Tested on XP SP2 Coded by Mati Aharoni, aka muts and Chris Hadnagy, aka loganWHD muts..at..offensive-security...dot..com chris..at..offensive-security...dot..com...

AI score: 0.6
Exploits: 0

0day.today
added 2008/04/18 12:00 a.m., 29 views

DivX Player 6.6.0 SRT File SEH Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ====================================================== DivX Player 6.6.0 SRT File SEH Buffer Overflow Exploit ====================================================== !/usr/bin/python DivX 6.6 SRT SEH overwrite PoC Tested on XP SP2 Coded by Ma...

AI score: 6.8
Exploits: 0

Cvelist
added 2008/04/07 5:00 p.m., 30 views

CVE-2008-1142

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

AI score: 8.4 | EPSS: 0.00363
Exploits: 1 | References: 14

Prion
added 2008/04/06 11:44 p.m., 16 views

Stack overflow

Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed...

CVSS: 10 | AI score: 8.6 | EPSS: 0.6749
Exploits: 10 | References: 7 | Affected Software: 1

NVD
added 2008/04/06 11:44 p.m., 20 views

CVE-2008-1602

Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed...

CVSS: 10 | AI score: 7.9 | EPSS: 0.6749
Exploits: 10 | References: 7