5412 matches found
ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability
ZDI-06-007: Microsoft Windows Address Book WAB File Format Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-007.html April 11, 2006 -- CVE ID: CVE-2006-0014 -- Affected Vendor: Microsoft -- Affected Products: Windows XP SP2 Windows 2000 SP4 -- TippingPointTM IPS Customer...
CVE-2006-0014
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...
Buffer overflow
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...
CVE-2006-1038
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...
CVE-2006-1038
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...
CVE-2006-1038
CVE-2006-1038 concerns a buffer overflow in Van Dyke SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier. The underlying issue occurs when a Unicode string is converted to a narrow string, enabling remote attackers to trigger the overflow. The impact is described as unknown in the sources,...
KDE libraries / Konqueror buffer overflow
Buffer overflow on Unicode URL parsing within JavaScript processor...
Ubuntu 4.10 / 5.04 : mozilla-thunderbird vulnerabilities (USN-200-1)
A buffer overflow was discovered in the XBM image handler. By tricking an user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. CAN-2005-2701 Mats Palmgren discovered a buffer overflow in the Unicode string parser...
MDKSA-2005:169 : mozilla-firefox
A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7: A bug in the way Firefox processes XBM images could be used to execute arbitrary code via a specially crafted XBM image file CVE-2005-2701. A bug in the way Firefox handles certain Unico...
Ubuntu 4.10 : samba vulnerability (USN-29-1)
During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names files with very long names...
Ubuntu 4.10 / 5.04 : mozilla, mozilla-firefox vulnerabilities (USN-186-1)
Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:174)
Updated Mozilla Thunderbird packages fix various vulnerabilities : The run-mozilla.sh script, with debugging enabled, would allow local users to create or overwrite arbitrary files via a symlink attack on temporary files CVE-2005-2353. A bug in the way Thunderbird processes XBM images could be us...
CVE-2005-4591
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...
CVE-2005-4591
CVE-2005-4591 describes a heap-based buffer overflow in bogofilter (and bogolexer during charset conversion) when using Unicode databases. The vulnerability arises from invalid input sequences that trigger heap corruption, allowing remote attackers to cause a crash and potentially execute arbitra...
CVE-2005-4591
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...
CVE-2006-0126
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...
CVE-2006-0126
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...
Design/Logic Flaw
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...
DEBIAN-CVE-2006-0126
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...
CVE-2006-0126
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...