Serendipity < 0.80 RC7 Multiple Vulnerabilities
PT-2005-1945 · Adobe · Svg Viewer
Name of the Vulnerable Software and Affected Versions: Adobe SVG Viewer versions 3.02 and earlier. Description: The issue allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using JavaScript to determine if the web page...
Multiple XSS issues in Sun AnswerBook2
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...
answerbook2.txt
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...
Smail 3.2.0.120 Remote Root Heap Overflow Exploit
Exploit for linux platform in category remote exploits. Smail 3.2.0.120 Remote Root Heap Overflow Exploit. / 0 smail preparseaddress1 heap bof remote root exploit infamous42md AT hotpop DOT com Shout...
kayakoXSS2.txt
GulfTech Security Research March 22, 2005 Vendor : Kayako Web Solutions URL : http://www.kayako.com/ Version : Kayako eSupport v2.3 Risk : Cross Site Scripting Description: Kayako eSupport is a popular helpdesk, and support software. It is used by many businesses for customer support purposes...
PHP-Fusion 5.0 - BBCode IMG Tag Script Injection
PHP-Fusion 5.0 - BBCode IMG Tag Script Injection source: https://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically...
Sylpheed < 1.0.3 Invalid Header Overflow
CVE-2005-0593
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake ...
CVE-2004-1390
Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remotemac, or (12) localmac flags...
abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/12026/info abctab2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive process buffers. It is reported that th...
[SA13352] FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability
TITLE: FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability SECUNIA ADVISORY ID: SA13352 VERIFY ADVISORY: http://secunia.com/advisories/13352/ CRITICAL: Less critical IMPACT: Exposure of system information, Exposure of sensitive information, DoS WHERE: Local system OPERATING...
[Full-Disclosure] Password Disclosure for SMB Shares in KDE's Konqueror
Password Disclosure for SMB Shares in KDE's Konqueror. Date: Nov. 29, 2004 Author: Daniel Fabian Product: KDE, Konqueror Vendor: KDE e. V...
Microsoft SQL Server 7.0 - Remote Denial of Service (2)
Microsoft SQL Server 7.0 - Remote Denial of Service (2) source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An...
CVE-2004-0501
Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, which could allow remote attackers to know whe...
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
Exploit for linux platform in category remote exploits. Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit. Remote CVS <= 1.11.15 exploit for the error_prog_name double free vuln. by Gyan...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be...
CVE-2004-1244
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."...
KpyM Telnet Server DoS
The remote host is running KpyM Telnet Server, a Telnet server for Windows. According to its banner, the installed version of KpyM is older than 1.06. Such versions mark a connection as free before all components, such as sockets and threads, are shut down. By flooding the service with connection...