Design/Logic Flaw

CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document, related to an uninitialized variable...

CVE-2008-2515

Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error."...

CVE-2008-1031

CVE-2008-1031 : The Mac OS X CoreGraphics component (Mac OS X

FreeBSD : spamdyke -- open relay (555ac165-2bee-11dd-bbdc-00e0815b8da8)

Spamdyke Team reports : Fixed smtpfilter to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected...

[SECURITY] Fedora 9 Update: libvorbis-1.2.0-4.fc9

Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis...

[SECURITY] Fedora 7 Update: libvorbis-1.1.2-4.fc7

Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The libvorbis package contains runtime libraries for use in programs that support Ogg Voribs...

BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities ========================================================= / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ |...

bigace-rfi.txt

/ \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /' ---------------------------------------------- GrEeTs...

PHP-Fusion <= 6.01.15 Multiple Vulnerabilities

Name: PHP-Fusion = 6.01.15 Multiple Vulnerabilities Vendor: http://php-fusion.co.uk/ Credits: charles "real" F. charlesfolathotmail.fr http://realn.free.fr/ Date: 08/05/08 01. XSS Vulnerability 40| $pres = dbquery"SELECT photoid FROM ".$dbprefix."photos WHERE | photoorder='".$data'photoorder'-1."...

Firebird: Data disclosure

Background Firebird is a multi-platform, open source relational database. Description Viesturs reported that the default configuration for Gentoo's init script "/etc/conf.d/firebird" sets the "ISCPASSWORD" environment variable when starting Firebird. It will be used when no password is supplied b...

Maian Uploader v4.0 XSS Vulnerabilities

---------------------------------------------------------------- Script : Maian Uploader v4.0 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...

Maian Links v3.1 XSS Vulnerabilities

---------------------------------------------------------------- Script : Maian Links v3.1 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...

OBlog Sql Injection Vulnerability

漏洞文件tags.asp 变量tagid未经过滤传值，带入sql执行，导致注入产生。 3.13-20060429 access & mssql 4.02-20070112 access & mssql 4.50 Final Build0619 access & mssql 4.60 Final Build0921 access & mssql 4.60 Final Build1107 access & mssql 修补方法:检查用户提交的tagid，只允许是数字。 例如： 将iTagId = TrimRequest.Querystring”tagid”改成iTagId =...

Stack overflow

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

Design/Logic Flaw

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

PHP security----using Register Globals-bug warning-the black bar safety net

Using Register Globals can PHP the most controversial change from PHP " 4.2.0 version of the beginning of the configuration file, registerglobals the default value from on to off. For this option the dependence is so prevalent that many people simply don't know it exists and thought PHP was so...

CVE-2007-5758

Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server DAS in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable...