ICONICS Dialog Wrapper Module ActiveX (DlgWrapper.dll) DoModal Function Overflow

Binary data scadaiconicsdlgwrapperactivexoverflow.nbin...

CVE-2006-6488

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control DlgWrapper.dll before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long 1 FileName or 2 Filter argument...

cPanel 5-10 - SUID Wrapper Privilege Escalation

cPanel 5-10 - SUID Wrapper Privilege Escalation source: https://www.securityfocus.com/bid/20163/info cPanel is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain administrative access to the affected application. This may lead to other attacks...

security flaw

Cross-site scripting XSS vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapperwindow.Function construct...

security flaw

Cross-site scripting XSS vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapperwindow.Function construct...

DEBIAN-CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...

CVE-2006-3848

The CVE-2006-3848 entry describes a Cross-site Scripting (XSS) vulnerability in the CGI wrapper for IP Calculator (IPCalc) version 0.40. The flaw arises because the attacker can inject arbitrary web script or HTML through the URI (REQUEST_URI environment variable), which is used in the actionurl ...

CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...

Design/Logic Flaw

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...

FreeBSD : opera -- command line URL shell command injection (dfc1daa8-61de-11da-b64c-0001020eed82)

An Opera Advisory reports : Opera for UNIX uses a wrapper shell script to start up Opera. This shell script reads the input arguments, like the file names or URLs that Opera is to open. It also performs some environment checks, for example whether Java is available and if so, where it is located...

Fedora Core 5 : beagle-0.2.3-4 (2006-188)

Some of the wrapper scripts including beagle-status looked in the current directory for files with a specific name and ran that instead of the binary in the path. All such cases have been fixed in this release. Note that Tenable Network Security has extracted the preceding description block...

Opera may execute command line embedded in URLs

Opera for UNIX uses a wrapper shell script to start up Opera.This shell script reads the input arguments, like the file namesor URLs that Opera is to open. It also performs some environmentchecks, for example whether Java is available and if so, where itis located.This wrapper script can also run...

Opera may execute command line embedded in URLs – Opera Security Advisories

Opera may execute command line embedded in URLs – Opera Security Advisories OPCOM Team | November 23, 2005 Summary Opera will execute command lines embedded in the URL when anotherprogram uses Opera to open a link. This affects UNIX versions ofOpera Linux/FreeBSD/Solaris. Severity: High Problem...

opera -- command line URL shell command injection

An Opera Advisory reports: Opera for UNIX uses a wrapper shell script to start up Opera. This shell script reads the input arguments, like the file names or URLs that Opera is to open. It also performs some environment checks, for example whether Java is available and if so, where it is located...

Nikto (NASL wrapper)

This VT is deprecated. Copyright C 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under th...

Nmap (NASL wrapper)

This plugin runs nmap to find open ports. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.14259";...

DEBIAN-CVE-2004-1471

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...

Nikto (NASL wrapper)

This plugin runs Nikto2, an open source GPL web server scanner used to perform comprehensive tests for multiple issues, such as outdated server versions, potentially dangerous files or programs, version specific problems, various configuration items, etc. See the section 'plugins options' to...

phpMyAdmin 2.5.7 - Remote code Injection

/ phpmy-explt.c written by Nasir Simbolon eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploite program. This is a kind of mysql server wrapper acts like a proxy except that it will sends a fake table name, when client query "SHOW TABLES", by replacing the real table name...

Important: Red Hat Security Advisory: stunnel security update

Updated stunnel packages are now available. These updates address problems stemming from improper use of non-reentrant functions in signal handlers. Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted usin...