CVE-2002-1601

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page...

Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String

// source: https://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead to a user gaining elevated...

CVE-2001-1041

oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace .trc file that is created in an alternate home directory identified by the ORACLEHOME environment variable...

CVE-2001-0943

dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the 1 chown or 2 chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...

CVE-2001-0941

Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLEHOME environment variable...

CVE-2001-1050

CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...

CVE-2001-1025

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable e.g., by including mainfile.php, such as article.php...

Переполнение буфера в ddd (buffer overflow)

Переполнение буфера при разборе переменной окружения HOME...

Chinput 3.0 - Environment Variable Buffer Overflow

Chinput 3.0 - Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3896/info Chinput is an input server designed for Chinese characters. It is available on Linux and other Unix based systems. Chinput appears to be installed suid root by default. A vulnerability exists...

Chinput 3.0 - Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3896/info Chinput is an input server designed for Chinese characters. It is available on Linux and other Unix based systems. Chinput appears to be installed suid root by default. A vulnerability exists in Chinput. A local user with an extremely long HO...

Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation

source: https://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some circumstances, sudo does not properly sanitize the environment it...

IMLib2 - Home Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3868/info Imlib2 is a freely available, open source graphics library available for the Linux and Unix operating systems. It is maintained by Michael Jennings. Imlib2 is installed on many operating systems and linked with graphical programs such as Eter...

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LDPRELOAD, which allows local users to gain root privileges...

CVE-2001-0855

Buffer overflow in dbloader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable...

CVE-2001-0848

join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon ; in a form variable...

FreeBSD-SA-01:63.openssh

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:63 Security Advisory FreeBSD, Inc. Topic: OpenSSH UseLogin directive permits privilege escalation REVISED Category: core/ports Module: openssh Announced: 2001-12-02...

ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability

Oracle Home Environment Variable Validation Vulnerability For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: The dbsnmp executable can be manipulated to run programs from the wrong...

ASI Oracle Security Alert: Oracle Home Environment Variable Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Home Environment Variable Buffer Overflow For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: By setting a long ORACLEHOME value more...

CVE-2001-0855

Buffer overflow in dbloader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable...