VLC 0.8.6b format string vulnerability & integer overflow

iSEC Partners Security Advisory - 2007-001-vlc http://www.isecpartners.com ---------------------------------------------- VLC 0.8.6b format string vulnerability & integer overflow Vendor: VideoLan Vendor URL: http://www.videolan.org Systems Affected: Confirmed on Windows XP, FreeBSD 6.2, MacOS X...

Debian DSA-1250-1 : cacti - missing input sanitising

It was discovered that cacti, a frontend to rrdtool, performs insufficient validation of data passed to the 'cmd' script, which allows SQL injection and the execution of arbitrary shell commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...