
5412 matches found

securityvulns
added 2006/04/12 12:0 a.m. | 50 views

ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability

ZDI-06-007: Microsoft Windows Address Book WAB File Format Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-007.html April 11, 2006 -- CVE ID: CVE-2006-0014 -- Affected Vendor: Microsoft -- Affected Products: Windows XP SP2 Windows 2000 SP4 -- TippingPointTM IPS Customer...

CVSS 5.1 | AI score 0.4 | EPSS 0.23875
Exploits: 0
Cvelist
added 2006/04/12 12:0 a.m. | 27 views

CVE-2006-0014

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...

AI score 7.6 | EPSS 0.23875
Exploits: 0 | References: 17
Prion
added 2006/03/07 11:2 a.m. | 17 views

Buffer overflow

Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...

CVSS 10 | AI score 7.6 | EPSS 0.03059
Exploits: 0 | References: 6 | Affected Software: 2
NVD
added 2006/03/07 11:2 a.m. | 18 views

CVE-2006-1038

Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...

CVSS 10 | AI score 7 | EPSS 0.03059
Exploits: 0 | References: 6
Cvelist
added 2006/03/07 11:0 a.m. | 19 views

CVE-2006-1038

Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string...

AI score 7 | EPSS 0.03059
Exploits: 0 | References: 6
CVE
added 2006/03/07 11:0 a.m. | 65 views

CVE-2006-1038

CVE-2006-1038 concerns a buffer overflow in Van Dyke SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier. The underlying issue occurs when a Unicode string is converted to a narrow string, enabling remote attackers to trigger the overflow. The impact is described as unknown in the sources,...

CVSS 10 | AI score 7 | EPSS 0.03059
Exploits: 0 | References: 6 | Affected Software: 2
securityvulns
added 2006/01/22 12:0 a.m. | 48 views

KDE libraries / Konqueror buffer overflow

Buffer overflow on Unicode URL parsing within JavaScript processor...

AI score 3.7
Exploits: 0 | References: 2 | Affected Software: 2
Tenable Nessus
added 2006/01/15 12:0 a.m. | 46 views

Ubuntu 4.10 / 5.04 : mozilla-thunderbird vulnerabilities (USN-200-1)

A buffer overflow was discovered in the XBM image handler. By tricking a user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. CAN-2005-2701 Mats Palmgren discovered a buffer overflow in the Unicode string parser...

CVSS 7.5 | AI score 6.6 | EPSS 0.10718
Exploits: 0 | References: 8
Tenable Nessus
added 2006/01/15 12:0 a.m. | 25 views

MDKSA-2005:169 : mozilla-firefox

A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7: A bug in the way Firefox processes XBM images could be used to execute arbitrary code via a specially crafted XBM image file CVE-2005-2701. A bug in the way Firefox handles certain Unico...

AI score 8 | EPSS 0.21112
Exploits: 2 | References: 10
Tenable Nessus
added 2006/01/15 12:0 a.m. | 39 views

Ubuntu 4.10 : samba vulnerability (USN-29-1)

During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names files with very long names...

CVSS 10 | AI score 6.1 | EPSS 0.1373
Exploits: 0 | References: 1
Tenable Nessus
added 2006/01/15 12:0 a.m. | 28 views

Ubuntu 4.10 / 5.04 : mozilla, mozilla-firefox vulnerabilities (USN-186-1)

Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...

CVSS 7.5 | AI score 6.6 | EPSS 0.10718
Exploits: 0 | References: 8
Tenable Nessus
added 2006/01/15 12:0 a.m. | 46 views

Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:174)

Updated Mozilla Thunderbird packages fix various vulnerabilities : The run-mozilla.sh script, with debugging enabled, would allow local users to create or overwrite arbitrary files via a symlink attack on temporary files CVE-2005-2353. A bug in the way Thunderbird processes XBM images could be us...

CVSS 7.5 | AI score 6.5 | EPSS 0.21112
Exploits: 2 | References: 13
Cvelist
added 2006/01/09 7:0 p.m. | 27 views

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

AI score 8.2 | EPSS 0.05512
Exploits: 0 | References: 9
CVE
added 2006/01/09 7:0 p.m. | 56 views

CVE-2005-4591

CVE-2005-4591 describes a heap-based buffer overflow in bogofilter (and bogolexer during charset conversion) when using Unicode databases. The vulnerability arises from invalid input sequences that trigger heap corruption, allowing remote attackers to cause a crash and potentially execute arbitra...

CVSS 7.5 | AI score 8.2 | EPSS 0.05512
Exploits: 0 | References: 9 | Affected Software: 1
Debian CVE
added 2006/01/09 7:0 p.m. | 36 views

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

CVSS 7.5 | AI score 8 | EPSS 0.05512
Exploits: 0
NVD
added 2006/01/09 11:3 a.m. | 15 views

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVSS 4.6 | AI score 6.6 | EPSS 0.00391
Exploits: 0 | References: 4
UbuntuCve
added 2006/01/09 11:3 a.m. | 32 views

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVSS 4.6 | AI score 5.9 | EPSS 0.00391
Exploits: 0 | References: 1
Prion
added 2006/01/09 11:3 a.m. | 13 views

Design/Logic Flaw

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVSS 4.6 | AI score 7.1 | EPSS 0.00391
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2006/01/09 11:3 a.m. | 4 views

DEBIAN-CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVSS 4.6 | AI score 6.8 | EPSS 0.00391
Exploits: 0 | References: 1
OSV
added 2006/01/09 11:3 a.m. | 7 views

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

AI score 6.5
Exploits: 0 | References: 5