9470 matches found
CVE-2004-0428
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact...
[waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6]
================================================================================ waraxe-2004-SA024 ================================================================================ XSS and full path disclosure in Network Query Tool 1.6...
[SCSA-028] Nuked-Klan Multiple Vulnerabilities
================================================= Security Corporation Security Advisory SCSA-028 Nuked-Klan Multiple Vulnerabilities ================================================= PROGRAM: Nuked-KlaN HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: b1.4, b1.5, SP2 RISK: MEDIUM/HIGH...
CVE-2003-1033
The 1 instdbmsrv and 2 instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious...
CVE-2004-0158
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...
CVE-2004-0158
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...
CVE-2004-1853
Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial of service via a long ServerInfo variable...
CVE-2004-0158
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...
CVE-2004-0158
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...
DEBIAN-CVE-2004-0103
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...
CVE-2004-0103
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...
Dell OpenManage buffer overflow
Heap overflow on oversized Application variable in POST request...
RobotFTP Server 1.0/2.0 - Remote Denial of Service
source: https://www.securityfocus.com/bid/9732/info It has been reported that Opt-X may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remo...
lbreakout2 vulnerability in environment variable handling
Ulf Härnhammar discovered an exploitable vulnerability in lbreakout2's environmental variable handling. In several instances, the contents of the HOME environmental variable are copied to a stack or global buffer without range checking. A local attacker may use this vulnerability to acquire...
LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities
LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities / source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of...
LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities
/ source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected application. A malicious user may...
CVE-2004-0074
Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via 1 a long LANG environment variable, or 2 a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949...
CVE-2004-0103
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...
VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion
VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/9638/info It has been reported that ezContents may be prone to a file include vulnerability in multiple modules. The problem reportedly exists because remote users may influence the...
CVE-2004-2093
Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...