CVE-2003-0932

Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long 1 command line or 2 environment variable...

CVE-2003-0932

Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long 1 command line or 2 environment variable...

CVE-2003-0089

Buffer overflow in HP-UX Software Distributor utilities (HP-UX B.11.00 and B.11.11) allows local users to execute arbitrary code via a long LANG environment variable passed to setuid programs such as swinstall and swmodify. Affected components include the Software Distributor utilities; the root ...

CVE-2003-0948

Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2003-0947

Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable...

CVE-2003-0948

Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2003-0089

Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as 1 swinstall and 2 swmodify...

CVE-2003-0840

Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable...

CVE-2003-0830

Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable...

HP-UX Software Distributor buffer overflow

Buffer overflow on LANG variable parsing...

CVE-2003-0933

CVE-2003-0933 affects Conquest 7.2 and earlier. The vulnerability is a buffer overflow in the environment variable handling that can allow a local user to execute arbitrary code. This is caused by processing a long environment variable, leading to potential code execution with local privileges; t...

CVE-2003-0933

Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable...

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (2)

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities 2 // source: https://www.securityfocus.com/bid/8993/info It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an...

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (1)

// source: https://www.securityfocus.com/bid/8993/info It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an attacker may be capable of exploiting the application in a variety of ways to execute...

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (1)

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities 1 // source: https://www.securityfocus.com/bid/8993/info It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an...

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (2)

// source: https://www.securityfocus.com/bid/8993/info It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an attacker may be capable of exploiting the application in a variety of ways to execute...

CVE-2002-1570

Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array...

kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

SUN jdk crossite scripting

jdk undocumented static variable may allow data exchange between sites...

FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection

FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection source: https://www.securityfocus.com/bid/8863/info It has been reported that FuzzyMonkey MyClassifieds may be prone to a SQL injection vulnerability that may allow an attacker to disclose user passwords by supplying malicious SQL code...