23 matches found
CVE-2005-1846
Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...
EUVD-2005-1848
Malware in sbrugna...
EUVD-2004-1299
Malware in sbrugna...
EUVD-2005-1849
Malware in sbrugna...
CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
SUSE CVE-2005-1846
Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...
SUSE CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
FreeBSD Ports: yamt
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: yamt
The remote host is missing an update to the system as announced in the referenced advisory. VID d4a7054a-6d96-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: yamt
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: yamt
The remote host is missing an update to the system as announced in the referenced advisory. VID 99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD : yamt -- buffer overflow and directory traversal issues (99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93)
Stanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and directory traversal issues. When processing a file with a maliciously crafted ID3 tag, yamt might overwrite arbitrary files or possibly execute arbitrary code. The SuSE package ChangeLog contains : -...
FreeBSD : yamt -- arbitrary command execution vulnerability (d4a7054a-6d96-11d9-a9e7-0001020eed82)
Manigandan Radhakrishnan discovered a security vulnerability in YAMT which can lead to execution of arbitrary commands with the privileges of the user running YAMT when sorting based on MP3 tags. The problem exist in the id3tagsort routine which does not properly sanitize the artist tag from the...
CVE-2005-1847
YaMT before 0.5_2 is affected by multiple buffer overflows in the rename and sort options, enabling arbitrary code execution. The CVE is supported by multiple sources (NVD, Red Hat, SUSE, FreeBSD VuXML) confirming the same root cause and impact. Affected component: YaMT, vulnerable versions prior...
CVE-2005-1846
Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...
CVE-2005-1846
CVE-2005-1846 affects YaMT prior to 0.5_2. Affected component/file handling allows directory traversal via the rename and sort options, enabling an attacker to overwrite arbitrary files. Some sources also note potential arbitrary code execution in affected contexts. Remediation: upgrade YaMT to v...
CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
CVE-2005-1847
Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...
CVE-2005-1846
Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...
CVE-2004-1302
The id3tagsort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag...