Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...

XPCD 2.0.8 Home Environment Variable Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8370/info A problem in the handling of long strings in environment variables by xpcd may result in a buffer overflow condition. This may allow an attacker to gain unauthorized access to system resources. / xpcd 2.0.8 late...

VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/9638/info It has been reported that ezContents may be prone to a file include vulnerability in multiple modules. The problem reportedly exists because remote users may influence the 'GLOBALSrootdp' and 'GLOBALSlanguagehom...

XFree86 X11R6 3.3.2 XMan ManPath Environment Variable Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user to execute arbitrary code. By inserti...

Chinput 3.0 Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3896/info Chinput is an input server designed for Chinese characters. It is available on Linux and other Unix based systems. Chinput appears to be installed suid root by default. A vulnerability exists in Chinput. A local...

Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence of the vulnerability being exploited is a...

Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14604/info Mantis is prone to multiple input validation vulnerabilities. These issues involve cross-site scripting, HTML injection and variable poisoning, and are due to a failure in the application to properly sanitize...

ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit

No description provided by source. !-- Title: ImageShack Toolbar 4.8.3.75 Remote Code Execution Exploit Date: Nov 23, 2010 Author: Rew Email: rew splat leethax.info Link: http://toolbar.imageshack.us/ImageShackToolbar.exe Version: 4.8.3.75 Tested on: WinXP - IE 6 & 7 CVE: NA 0day Note: This objec...

XSOK 1.0 2 LANG Environment Variable Local Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9341/info xsok is prone to a locally exploitable buffer overrun vulnerability due to insufficient bounds check of data supplied through the LANG environment variable. This could be exploited to execute arbitrary code with...

InTouch 0.5.1 Alpha User Variable SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16110/info inTouch is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resu...

XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

Liquid War 5.4.5/5.5.6 HOME Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8629/info Liquid War has been reported prone to a buffer overflow condition when handling HOME environment variables of excessive length. The issue presents itself, due to a lack of sufficient boundary checks performed on...

Solaris 2.6/7.0 /locale Subsystem Format String

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

Poster 2.0 Unauthorized Privileged User Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8426/info A vulnerability has been reported for Poster.version:two. The problem occurs due to the application failing to lock the 'setup' variable after initialization. As a result, an attacker may access this variable to...

IBM AIX 5.x Diag Local Privilege Escalation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12041/info diag is reported prone to a local privilege escalation vulnerability. This issue is due to a failure of certain diag applications to properly implement security controls when executing an application specified ...

cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attack...

phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Include Exploit

No description provided by source. !/usr/bin/perl phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit Coded by bd0rk || SOH-Crew Usage: exploit.pl target cmd shell shell variable Greetings: str0ke, TheJT, Kacper, Lu7k, Maik Vulnerable Code: includeonce$phpbbrootpath...

Roxio Toast 7 DejaVu Component PATH Variable Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search path for external applications tha...

BRU 15.1/16.0 BRUEXECLOG Environment Variable Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1321/info A vulnerability exists in BRU, the Backup and Restore Utility, from Enhanced Software Technologies. By setting the value of the BRUEXECLOG environment variable, it is possible to an attack to alter and create...

IRIX 6.5.x dmplay Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the way the program...