Max CVSS 10.0 Min CVSS 1.2 Total Count1132
IDCVSSSummaryLast (major) updatePublished
CVE-2018-10886 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None.
16-07-2018 - 15:29 16-07-2018 - 15:29
CVE-2018-0385 5.0
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0384 5.0
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exist
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0383 5.0
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exis
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0370 5.0
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-6969 4.4
VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order
13-07-2018 - 09:29 13-07-2018 - 09:29
CVE-2017-1000422 6.8
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution
02-01-2018 - 15:29 02-01-2018 - 15:29
CVE-2006-4197 7.5
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location heade
19-02-2017 - 00:13 17-08-2006 - 17:04
CVE-2006-2802 5.0
Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
19-02-2017 - 00:12 03-06-2006 - 06:02
CVE-2005-4158 4.6
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that
19-02-2017 - 00:10 10-12-2005 - 21:03
CVE-2005-3276 2.1
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3275 2.6
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3274 1.2
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection tab
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3273 5.0
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array ou
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3271 2.1
Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specifi
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-2872 5.0
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads t
19-02-2017 - 00:09 09-09-2005 - 15:07
CVE-2005-2801 5.0
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
19-02-2017 - 00:09 06-09-2005 - 13:03
CVE-2005-2548 5.0
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk o
19-02-2017 - 00:09 12-08-2005 - 00:00
CVE-2005-2459 5.0
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointe
19-02-2017 - 00:09 23-08-2005 - 00:00
CVE-2005-2458 5.0
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
19-02-2017 - 00:09 23-08-2005 - 00:00
CVE-2005-2456 2.1
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OU
19-02-2017 - 00:09 04-08-2005 - 00:00
CVE-2004-2302 2.6
Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.
19-02-2017 - 00:07 31-12-2004 - 00:00
CVE-2003-0131 7.5
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKC
19-02-2017 - 00:04 24-03-2003 - 00:00
CVE-2004-0005 7.5
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo
19-12-2016 - 21:59 03-03-2004 - 00:00
CVE-2005-2491 7.5
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, whic
15-12-2016 - 21:59 23-08-2005 - 00:00
CVE-2007-0010 2.1
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
07-12-2016 - 22:00 24-01-2007 - 14:28
CVE-2006-6103 6.6
Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during
07-12-2016 - 22:00 31-12-2006 - 00:00
CVE-2006-6102 10.0
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption durin
07-12-2016 - 22:00 31-12-2006 - 00:00
CVE-2006-6101 6.6
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption dur
07-12-2016 - 22:00 31-12-2006 - 00:00
CVE-2006-5925 7.5
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.
07-12-2016 - 22:00 15-11-2006 - 14:07
CVE-2006-3376 7.5
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field i
07-12-2016 - 22:00 06-07-2006 - 16:05
CVE-2006-0512 2.1
PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3)
07-12-2016 - 22:00 02-02-2006 - 06:02
CVE-2005-2558 4.6
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name
07-12-2016 - 22:00 16-08-2005 - 00:00
CVE-2005-2495 5.1
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
07-12-2016 - 22:00 15-09-2005 - 16:03
CVE-2004-0990 10.0
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0986 7.5
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0968 2.1
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0957 6.8
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0941 10.0
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0888 10.0
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabili
07-12-2016 - 21:59 27-01-2005 - 00:00
CVE-2004-0452 2.6
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symli
07-12-2016 - 21:59 21-12-2004 - 00:00
CVE-2004-0409 7.5
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
07-12-2016 - 21:59 01-06-2004 - 00:00
CVE-2004-0159 7.5
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" comma
07-12-2016 - 21:59 15-03-2004 - 00:00
CVE-2003-0899 7.5
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequ
07-12-2016 - 21:59 03-11-2003 - 00:00
CVE-2003-0596 3.6
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
07-12-2016 - 21:59 27-08-2003 - 00:00
CVE-2003-0499 3.6
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
07-12-2016 - 21:59 07-08-2003 - 00:00
CVE-2002-1562 5.0
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
07-12-2016 - 21:59 12-05-2003 - 00:00
CVE-2002-1344 5.0
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
07-12-2016 - 21:59 18-12-2002 - 00:00
CVE-2002-0871 2.1
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
07-12-2016 - 21:59 05-09-2002 - 00:00
CVE-2002-0847 7.5
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
07-12-2016 - 21:59 12-08-2002 - 00:00
CVE-2002-0660 7.5
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-20
07-12-2016 - 21:59 12-08-2002 - 00:00
CVE-2001-1400 2.1
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1399 2.1
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1398 7.5
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1397 2.1
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1396 3.6
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1395 3.6
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1394 2.1
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1393 2.1
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1392 2.1
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1391 2.1
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1390 6.2
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-0414 10.0
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
07-12-2016 - 21:59 18-06-2001 - 00:00
CVE-2007-0494 4.3
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that
06-12-2016 - 21:59 25-01-2007 - 15:28
CVE-2007-0493 7.8
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that c
06-12-2016 - 21:59 25-01-2007 - 15:28
CVE-2004-1120 10.0
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
06-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2004-0109 4.6
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
28-11-2016 - 14:06 01-06-2004 - 00:00
CVE-2005-2700 10.0
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten
21-11-2016 - 21:59 06-09-2005 - 19:03
CVE-2006-6106 7.5
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service
17-10-2016 - 23:42 19-12-2006 - 14:28
CVE-2006-5051 9.3
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
17-10-2016 - 23:41 27-09-2006 - 19:07
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2016 - 23:41 26-09-2006 - 21:07
CVE-2006-4339 4.3
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key
17-10-2016 - 23:40 05-09-2006 - 13:04
CVE-2006-2940 7.8
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates tha
17-10-2016 - 23:40 28-09-2006 - 14:07
CVE-2006-1528 4.9
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
17-10-2016 - 23:39 18-05-2006 - 15:06
CVE-2006-1343 2.1
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN
17-10-2016 - 23:39 21-03-2006 - 13:02
CVE-2006-1052 2.1
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
17-10-2016 - 23:39 05-05-2006 - 08:46
CVE-2006-0670 5.0
Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
17-10-2016 - 23:39 13-02-2006 - 17:02
CVE-2005-4439 7.8
Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter.
17-10-2016 - 23:38 20-12-2005 - 20:03
CVE-2005-4134 5.0
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not
17-10-2016 - 23:38 09-12-2005 - 10:03
CVE-2005-3895 5.8
Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, whi
17-10-2016 - 23:37 29-11-2005 - 16:03
CVE-2005-3894 4.3
Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the
17-10-2016 - 23:37 29-11-2005 - 16:03
CVE-2005-3893 7.5
Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the L
17-10-2016 - 23:37 29-11-2005 - 16:03
CVE-2005-3420 7.5
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3419 7.5
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized.
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3418 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) lis
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3417 7.5
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP_* variables.
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3416 7.5
phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3415 7.5
phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[]
17-10-2016 - 23:35 01-11-2005 - 16:02
CVE-2005-3393 7.5
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
17-10-2016 - 23:35 01-11-2005 - 07:47
CVE-2005-3310 3.5
Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be execut
17-10-2016 - 23:34 25-10-2005 - 21:02
CVE-2005-3300 5.0
The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct request
17-10-2016 - 23:34 23-10-2005 - 17:02
CVE-2005-3090 4.3
Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when view_all_bug_page.php is used
17-10-2016 - 23:32 28-09-2005 - 18:03
CVE-2005-3088 2.1
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.
17-10-2016 - 23:32 27-10-2005 - 06:02
CVE-2005-2871 7.5
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with al
17-10-2016 - 23:31 09-09-2005 - 14:03
CVE-2005-2820 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]".
17-10-2016 - 23:30 07-09-2005 - 15:07
CVE-2005-2772 7.5
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain ar
17-10-2016 - 23:30 02-09-2005 - 19:03
CVE-2005-2769 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which
17-10-2016 - 23:30 02-09-2005 - 19:03
CVE-2005-2724 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the deve
17-10-2016 - 23:29 30-08-2005 - 07:45
CVE-2005-2629 5.1
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, whic
17-10-2016 - 23:29 18-11-2005 - 18:03
CVE-2005-2557 4.3
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE
17-10-2016 - 23:28 28-09-2005 - 17:03
CVE-2005-2556 7.5
core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956.
17-10-2016 - 23:28 24-08-2005 - 00:00
CVE-2005-2550 7.5
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user se
17-10-2016 - 23:28 12-08-2005 - 00:00
CVE-2005-2549 7.5
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task li
17-10-2016 - 23:28 12-08-2005 - 00:00
CVE-2005-2498 5.0
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certai
17-10-2016 - 23:27 15-08-2005 - 00:00
CVE-2005-2475 1.2
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
17-10-2016 - 23:27 05-08-2005 - 00:00
CVE-2005-2450 7.5
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.
17-10-2016 - 23:27 03-08-2005 - 00:00
CVE-2005-2448 5.0
Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.
17-10-2016 - 23:27 03-08-2005 - 00:00
CVE-2005-2370 5.0
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
17-10-2016 - 23:26 26-07-2005 - 00:00
CVE-2005-2369 7.5
Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.
17-10-2016 - 23:26 26-07-2005 - 00:00
CVE-2005-2277 10.0
Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.
17-10-2016 - 23:25 15-07-2005 - 00:00
CVE-2005-2106 5.0
Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting.
17-10-2016 - 23:24 05-07-2005 - 00:00
CVE-2005-2088 4.3
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
17-10-2016 - 23:24 05-07-2005 - 00:00
CVE-2005-1921 7.5
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) Mail
17-10-2016 - 23:23 05-07-2005 - 00:00
CVE-2005-1768 3.7
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread
17-10-2016 - 23:22 11-07-2005 - 00:00
CVE-2005-1759 1.2
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.
17-10-2016 - 23:22 28-06-2005 - 00:00
CVE-2005-1751 3.7
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759.
17-10-2016 - 23:22 25-05-2005 - 00:00
CVE-2005-1636 4.6
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
17-10-2016 - 23:21 17-05-2005 - 00:00
CVE-2005-0953 3.7
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
17-10-2016 - 23:15 02-05-2005 - 00:00
CVE-2005-0870 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[tem
17-10-2016 - 23:15 02-05-2005 - 00:00
CVE-2005-0710 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is pr
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0709 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0397 7.5
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filen
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2004-2043 5.0
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated u
17-10-2016 - 23:05 01-05-2004 - 00:00
CVE-2004-1617 5.0
Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name i
17-10-2016 - 22:57 18-10-2004 - 00:00
CVE-2004-1382 2.1
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
17-10-2016 - 22:53 31-12-2004 - 00:00
CVE-2004-1170 10.0
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1165 7.5
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated u
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1095 10.0
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1010 10.0
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
17-10-2016 - 22:50 01-03-2005 - 00:00
CVE-2004-0996 2.1
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:50 10-01-2005 - 00:00
CVE-2004-0976 2.1
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
17-10-2016 - 22:50 09-02-2005 - 00:00
CVE-2004-0886 5.0
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0803 7.5
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
17-10-2016 - 22:49 23-12-2004 - 00:00
CVE-2004-0783 7.5
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifie
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0782 7.5
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0718 7.5
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0700 7.5
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages f
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0692 5.0
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0691 7.5
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0649 10.0
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:47 06-08-2004 - 00:00
CVE-2004-0639 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php,
17-10-2016 - 22:47 06-08-2004 - 00:00
CVE-2004-0623 10.0
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.
17-10-2016 - 22:46 06-12-2004 - 00:00
CVE-2004-0599 5.0
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (applic
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0595 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0594 5.1
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0591 6.8
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/deliver
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0583 5.0
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0582 5.0
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0521 10.0
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0520 6.8
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0519 6.8
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0492 10.0
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0488 7.5
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subje
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0434 10.0
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0426 5.0
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0421 5.0
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0418 10.0
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0417 5.0
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0416 10.0
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0414 10.0
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0411 7.5
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0405 5.0
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
17-10-2016 - 22:45 01-06-2004 - 00:00
CVE-2004-0398 7.5
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0396 7.5
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
17-10-2016 - 22:44 14-06-2004 - 00:00
CVE-2004-0393 10.0
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.
17-10-2016 - 22:44 06-12-2004 - 00:00
CVE-2004-0388 2.1
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:44 01-06-2004 - 00:00
CVE-2004-0381 2.1
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0372 2.1
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
17-10-2016 - 22:44 15-04-2004 - 00:00
CVE-2004-0235 6.4
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/
17-10-2016 - 22:42 18-08-2004 - 00:00
CVE-2004-0234 10.0
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA
17-10-2016 - 22:42 18-08-2004 - 00:00
CVE-2004-0189 7.5
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the acce
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0188 7.2
Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password.
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0186 7.2
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0184 5.0
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversio
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0183 5.0
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Tes
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0180 2.6
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0179 5.1
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0177 5.0
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain por
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0176 5.0
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0158 4.6
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.
17-10-2016 - 22:41 29-03-2004 - 00:00
CVE-2004-0156 5.0
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0153 7.5
Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0152 7.5
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing at
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0148 7.2
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0110 7.5
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
17-10-2016 - 22:40 15-03-2004 - 00:00
CVE-2004-0106 7.2
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0105 7.5
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0104 7.5
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0084 10.0
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a d
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0083 10.0
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CV
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0081 5.0
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0077 7.2
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0074 4.6
Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949.
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0057 5.0
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0055 5.0
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0008 7.5
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0007 7.5
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0006 7.5
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yah
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2003-1029 5.0
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value w
17-10-2016 - 22:39 17-02-2004 - 00:00
CVE-2003-1023 7.5
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
17-10-2016 - 22:39 20-01-2004 - 00:00
CVE-2003-0989 7.5
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
17-10-2016 - 22:38 17-02-2004 - 00:00
CVE-2003-0985 7.2
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
17-10-2016 - 22:38 20-01-2004 - 00:00
CVE-2003-0972 10.0
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0971 5.0
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0963 7.5
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0962 7.5
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0961 7.2
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0886 10.0
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
17-10-2016 - 22:38 01-12-2003 - 00:00
CVE-2003-0865 7.5
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.
17-10-2016 - 22:38 17-11-2003 - 00:00
CVE-2003-0850 7.5
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."
17-10-2016 - 22:38 17-11-2003 - 00:00
CVE-2003-0848 4.6
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0805 7.5
Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.
17-10-2016 - 22:37 06-10-2003 - 00:00
CVE-2003-0795 5.0
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0783 7.2
Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.
17-10-2016 - 22:37 06-10-2003 - 00:00
CVE-2003-0780 9.0
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
17-10-2016 - 22:37 22-09-2003 - 00:00
CVE-2003-0743 7.5
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL c
17-10-2016 - 22:37 20-10-2003 - 00:00
CVE-2003-0730 7.5
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0695 7.5
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a differe
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0693 10.0
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0692 7.5
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0690 10.0
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0685 7.5
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0682 7.5
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0681 7.5
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0656 2.1
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0652 4.6
Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0645 4.6
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0630 7.2
Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0625 6.4
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0620 4.6
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0619 5.0
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0617 4.6
mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0615 4.3
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0614 4.3
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0581 7.5
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ra
17-10-2016 - 22:35 18-08-2003 - 00:00
CVE-2003-0536 3.6
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng par
17-10-2016 - 22:35 18-08-2003 - 00:00
CVE-2003-0504 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0501 2.1
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0476 2.1
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0466 10.0
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0459 5.0
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0455 4.6
The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0453 10.0
traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer o
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0442 4.3
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0435 7.5
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0385 7.2
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.
17-10-2016 - 22:33 02-07-2003 - 00:00
CVE-2003-0382 4.6
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
17-10-2016 - 22:33 02-07-2003 - 00:00
CVE-2003-0324 7.5
Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, o
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0323 7.5
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0321 7.5
Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly ha
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0299 7.5
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or intege
17-10-2016 - 22:32 16-06-2003 - 00:00
CVE-2003-0282 2.6
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0252 10.0
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain ne
17-10-2016 - 22:31 18-08-2003 - 00:00
CVE-2003-0246 3.6
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0244 5.0
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
17-10-2016 - 22:31 27-05-2003 - 00:00
CVE-2003-0213 7.5
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0212 7.5
handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large numbe
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0209 10.0
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0206 5.0
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0205 7.5
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0204 7.5
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0203 7.5
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
17-10-2016 - 22:30 11-04-2003 - 00:00
CVE-2003-0201 10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0196 10.0
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0195 5.0
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
17-10-2016 - 22:30 16-06-2003 - 00:00
CVE-2003-0162 7.5
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0161 10.0
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a s
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0150 9.0
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by mod
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0147 5.0
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0144 7.2
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0140 7.5
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitra
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0139 7.5
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-p
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0138 7.5
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0127 7.2
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0108 5.0
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
17-10-2016 - 22:29 07-03-2003 - 00:00
CVE-2003-0102 4.6
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
17-10-2016 - 22:29 18-03-2003 - 00:00
CVE-2003-0101 10.0
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0086 1.2
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0085 10.0
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0079 2.1
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0078 5.0
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cry
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0073 5.0
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
17-10-2016 - 22:29 19-02-2003 - 00:00
CVE-2003-0071 2.1
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0068 7.5
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malic
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0063 7.5
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin
17-10-2016 - 22:28 03-03-2003 - 00:00
CVE-2003-0057 7.5
Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by conn
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2003-0056 7.2
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2003-0039 5.0
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is n
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0038 4.3
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0033 10.0
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
17-10-2016 - 22:28 07-03-2003 - 00:00
CVE-2003-0032 5.0
Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0031 7.5
Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0028 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
17-10-2016 - 22:28 25-03-2003 - 00:00
CVE-2003-0025 7.5
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using ma
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0015 7.5
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Check
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0013 7.5
The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remo
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0012 2.1
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2002-2260 4.3
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
17-10-2016 - 22:27 31-12-2002 - 00:00
CVE-2002-1575 5.0
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email
17-10-2016 - 22:27 03-03-2004 - 00:00
CVE-2002-1565 7.5
Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.
17-10-2016 - 22:27 16-06-2003 - 00:00
CVE-2002-1405 5.0
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace chara
17-10-2016 - 22:26 19-02-2003 - 00:00
CVE-2002-1403 7.2
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1394 7.5
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1393 7.5
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1387 4.6
The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1386 4.6
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1384 7.2
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1383 10.0
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1376 7.5
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and po
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1375 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1374 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the fi
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1373 5.0
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1372 5.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descripto
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1371 7.5
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1369 10.0
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1368 7.5
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negativ
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1367 10.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate fo
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1366 6.2
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1365 7.5
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local ad
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1364 7.2
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1350 7.5
The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1348 5.0
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.
17-10-2016 - 22:26 19-02-2003 - 00:00
CVE-2002-1341 6.8
Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.
17-10-2016 - 22:26 18-12-2002 - 00:00
CVE-2002-1337 10.0
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
17-10-2016 - 22:26 07-03-2003 - 00:00
CVE-2002-1323 4.6
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1318 10.0
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1306 7.5
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1282 7.5
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1281 7.5
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1271 7.5
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
17-10-2016 - 22:25 12-11-2002 - 00:00
CVE-2002-1247 7.2
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1245 7.2
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
17-10-2016 - 22:25 12-11-2002 - 00:00
CVE-2002-1233 2.6
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1232 5.0
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1221 5.0
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1220 5.0
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1219 7.5
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1200 7.5
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to ca
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1196 7.5
editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1175 5.0
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1174 7.5
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers,
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1158 7.2
Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.
17-10-2016 - 22:24 18-12-2002 - 00:00
CVE-2002-1148 5.0
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1119 4.6
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1114 7.5
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1113 7.5
summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1112 5.0
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1111 5.0
print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1110 10.0
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_updat
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1051 4.6
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-0989 7.5
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0986 5.0
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0985 7.5
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and poss
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0970 7.5
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0843 7.5
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0840 6.8
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web pag
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0839 7.2
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0838 4.6
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScri
17-10-2016 - 22:22 10-10-2002 - 00:00
CVE-2002-0836 7.5
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
17-10-2016 - 22:22 28-10-2002 - 00:00
CVE-2002-0818 7.5
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.
17-10-2016 - 22:22 12-08-2002 - 00:00
CVE-2002-0817 7.2
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.
17-10-2016 - 22:22 12-08-2002 - 00:00
CVE-2002-0662 2.1
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.
17-10-2016 - 22:21 04-10-2002 - 00:00
CVE-2002-0653 4.6
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long e
17-10-2016 - 22:21 11-07-2002 - 00:00
CVE-2002-0640 10.0
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authenticat
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0639 10.0
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0429 3.6
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0404 5.0
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0403 5.0
DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0402 7.5
Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0401 7.5
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0380 7.5
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
17-10-2016 - 22:19 18-06-2002 - 00:00
CVE-2002-0334 2.1
xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file.
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0300 5.0
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ a
17-10-2016 - 22:18 31-05-2002 - 00:00
CVE-2002-0239 7.2
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
17-10-2016 - 22:17 29-05-2002 - 00:00
CVE-2002-0230 5.0
Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.
17-10-2016 - 22:17 16-05-2002 - 00:00
CVE-2002-0184 7.2
Heap-based buffer overflow in sudo before 1.6.6 may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
17-10-2016 - 22:16 16-05-2002 - 00:00
CVE-2002-0181 7.5
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
17-10-2016 - 22:16 22-04-2002 - 00:00
CVE-2002-0164 4.6
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0092 5.0
CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0081 7.5
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0043 7.2
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.
17-10-2016 - 22:15 31-01-2002 - 00:00
CVE-2002-0006 7.5
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in
17-10-2016 - 22:15 25-06-2002 - 00:00
CVE-2002-0004 7.2
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2002-0001 7.5
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2001-1370 10.0
prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5
17-10-2016 - 22:14 21-07-2001 - 00:00
CVE-2001-1274 7.5
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
17-10-2016 - 22:14 23-01-2001 - 00:00
CVE-2001-1230 7.5
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
17-10-2016 - 22:14 13-03-2001 - 00:00
CVE-2001-0928 7.5
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.
17-10-2016 - 22:13 28-11-2001 - 00:00
CVE-2001-0927 7.5
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message
17-10-2016 - 22:13 27-11-2001 - 00:00
CVE-2001-0894 5.0
Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number
17-10-2016 - 22:12 11-11-2001 - 00:00
CVE-2001-0873 7.2
uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.
17-10-2016 - 22:12 21-12-2001 - 00:00
CVE-2001-0872 7.2
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
17-10-2016 - 22:12 21-12-2001 - 00:00
CVE-2001-0843 5.0
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
17-10-2016 - 22:12 06-12-2001 - 00:00
CVE-2001-0550 7.5
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
17-10-2016 - 22:11 30-11-2001 - 00:00
CVE-2001-0441 7.5
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
17-10-2016 - 22:11 27-06-2001 - 00:00
CVE-2001-0416 2.1
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
17-10-2016 - 22:11 27-06-2001 - 00:00
CVE-2001-0361 4.0
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1
17-10-2016 - 22:10 27-06-2001 - 00:00
CVE-2001-0318 7.5
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
17-10-2016 - 22:10 02-06-2001 - 00:00
CVE-2001-0193 7.2
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
17-10-2016 - 22:10 03-05-2001 - 00:00
CVE-2001-0144 10.0
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
17-10-2016 - 22:10 12-03-2001 - 00:00
CVE-2001-0142 1.2
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0141 1.2
mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0138 1.2
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0131 1.2
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0129 10.0
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0125 1.2
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0112 7.2
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0111 7.2
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-1999-1332 2.1
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
17-10-2016 - 22:03 31-12-1999 - 00:00
CVE-2006-3467 7.5
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
30-08-2016 - 21:59 21-07-2006 - 10:03
CVE-2006-0042 5.0
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in
25-05-2016 - 13:25 18-02-2006 - 16:02
CVE-2001-0775 7.5
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
19-05-2016 - 23:00 18-10-2001 - 00:00
CVE-2006-4096 5.0
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
16-03-2015 - 21:59 05-09-2006 - 20:04
CVE-2005-4667 3.7
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses
09-01-2015 - 21:59 31-12-2005 - 00:00
CVE-2007-0008 6.8
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc
04-05-2014 - 22:38 26-02-2007 - 15:28
CVE-2007-0009 6.8
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser
16-01-2014 - 22:46 26-02-2007 - 15:28
CVE-2005-0448 1.2
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
23-10-2013 - 21:44 02-05-2005 - 00:00
CVE-2006-5467 5.0
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier
13-09-2013 - 01:21 27-10-2006 - 14:07
CVE-2001-0187 10.0
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
13-09-2013 - 00:13 26-03-2001 - 00:00
CVE-2006-1725 2.6
Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users in
11-09-2013 - 00:53 14-04-2006 - 06:02
CVE-2006-1723 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due
08-09-2013 - 00:50 14-04-2006 - 06:02
CVE-2006-4340 4.0
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature
07-09-2013 - 01:04 15-09-2006 - 14:07
CVE-2006-4334 5.0
Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
05-09-2013 - 01:00 19-09-2006 - 17:07
CVE-2003-0973 5.0
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
04-09-2013 - 00:26 15-12-2003 - 00:00
CVE-2002-0658 6.2
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
04-09-2013 - 00:18 12-08-2002 - 00:00
CVE-2006-0147 7.5
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (
30-08-2013 - 00:52 09-01-2006 - 18:03
CVE-2007-1592 4.9
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6
29-08-2013 - 01:29 22-03-2007 - 15:19
CVE-2006-4335 7.5
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v
29-08-2013 - 01:14 19-09-2006 - 17:07
CVE-2006-3738 10.0
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
23-08-2013 - 01:21 28-09-2006 - 14:07
CVE-2003-0773 7.5
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
23-08-2013 - 00:29 22-09-2003 - 00:00
CVE-2005-1992 7.5
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.
21-08-2013 - 00:42 20-06-2005 - 00:00
CVE-2003-0969 7.5
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
20-08-2013 - 00:27 20-01-2004 - 00:00
CVE-2005-3732 7.8
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packet
16-08-2013 - 01:08 21-11-2005 - 17:03
CVE-2006-4343 4.3
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer derefer
29-07-2013 - 11:07 28-09-2006 - 14:07
CVE-2006-2026 6.5
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield me
18-07-2013 - 09:46 25-04-2006 - 19:02
CVE-2006-1732 4.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS)
15-07-2013 - 00:54 14-04-2006 - 06:02
CVE-2006-1728 9.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypt
11-07-2013 - 00:53 14-04-2006 - 06:02
CVE-2006-4095 5.0
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
03-07-2013 - 11:13 05-09-2006 - 20:04
CVE-2006-4811 6.8
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
07-02-2013 - 00:00 18-10-2006 - 13:07
CVE-2007-2172 4.7
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I
05-11-2012 - 22:37 22-04-2007 - 15:19
CVE-2007-2754 6.8
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
30-10-2012 - 22:36 17-05-2007 - 18:30
CVE-2002-1275 7.5
Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input."
11-10-2012 - 00:00 12-11-2002 - 00:00
CVE-2005-4878 4.3
Multiple cross-site scripting (XSS) vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts
03-07-2012 - 00:00 18-02-2009 - 15:30
CVE-2005-3325 7.5
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these pro
03-07-2012 - 00:00 27-10-2005 - 06:02
CVE-2007-6206 2.1
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might
19-03-2012 - 00:00 03-12-2007 - 19:46
CVE-2006-4145 4.9
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
19-03-2012 - 00:00 21-08-2006 - 15:04
CVE-2006-3745 7.2
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown at
19-03-2012 - 00:00 23-08-2006 - 15:04
CVE-2006-2936 7.8
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, wh
19-03-2012 - 00:00 10-07-2006 - 15:05
CVE-2005-0756 2.1
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
19-03-2012 - 00:00 08-06-2005 - 00:00
CVE-2007-0017 6.8
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCD
27-01-2012 - 00:31 02-01-2007 - 21:28
CVE-2006-4018 7.5
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.
17-10-2011 - 00:00 08-08-2006 - 16:04
CVE-2006-3462 7.5
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.
17-10-2011 - 00:00 02-08-2006 - 21:04
CVE-2006-3460 7.5
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line
17-10-2011 - 00:00 02-08-2006 - 21:04
CVE-2006-3251 7.5
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
17-10-2011 - 00:00 27-06-2006 - 14:05
CVE-2005-2976 7.5
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-200
12-10-2011 - 00:00 18-11-2005 - 01:03
CVE-2007-1536 9.3
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
11-10-2011 - 00:00 20-03-2007 - 16:19
CVE-2006-0747 5.0
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of val
11-10-2011 - 00:00 23-05-2006 - 06:06
CVE-2007-2525 4.9
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN
03-10-2011 - 00:00 08-05-2007 - 19:19
CVE-2006-1729 4.3
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
21-09-2011 - 00:00 14-04-2006 - 06:02
CVE-2007-0994 6.8
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI
20-09-2011 - 00:00 05-03-2007 - 19:19
CVE-2006-2783 4.3
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the mi
20-09-2011 - 00:00 02-06-2006 - 15:02
CVE-2006-2775 7.5
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wro
20-09-2011 - 00:00 02-06-2006 - 14:02
CVE-2007-0045 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Exp
13-09-2011 - 00:00 03-01-2007 - 16:28
CVE-2006-0806 4.3
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspeci
13-09-2011 - 00:00 20-02-2006 - 21:02
CVE-2006-3806 7.5
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSourc
08-09-2011 - 00:00 27-07-2006 - 15:04
CVE-2005-4077 4.6
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prev
08-09-2011 - 00:00 07-12-2005 - 20:03
CVE-2006-3747 7.6
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (applica
06-09-2011 - 00:00 28-07-2006 - 14:02
CVE-2006-3600 5.1
Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date
06-09-2011 - 00:00 18-07-2006 - 11:37
CVE-2006-3459 7.5
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, incl
06-09-2011 - 00:00 02-08-2006 - 21:04
CVE-2006-1937 5.0
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) ge
06-09-2011 - 00:00 25-04-2006 - 08:50
CVE-2007-0775 3.7
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
01-09-2011 - 00:00 26-02-2007 - 14:28
CVE-2006-6498 6.8
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to
01-09-2011 - 00:00 19-12-2006 - 20:28
CVE-2006-6497 6.8
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and
01-09-2011 - 00:00 19-12-2006 - 20:28
CVE-2006-5748 5.0
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi
01-09-2011 - 00:00 08-11-2006 - 16:07
CVE-2006-3464 7.5
TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecifi
01-09-2011 - 00:00 02-08-2006 - 21:04
CVE-2006-0047 5.0
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
25-08-2011 - 00:00 07-03-2006 - 06:02
CVE-2006-1057 3.7
Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.
10-08-2011 - 00:00 24-04-2006 - 21:02
CVE-2005-3863 7.5
Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to t
04-08-2011 - 00:00 29-11-2005 - 06:03
CVE-2005-2930 5.1
Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different
02-08-2011 - 00:00 28-10-2005 - 17:02
CVE-2005-3011 1.2
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
25-07-2011 - 00:00 21-09-2005 - 16:03
CVE-2005-0989 5.0
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
11-07-2011 - 00:00 02-05-2005 - 00:00
CVE-2006-4814 4.6
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.
20-06-2011 - 00:00 19-12-2006 - 21:28
CVE-2006-2784 5.1
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascrip
20-06-2011 - 00:00 02-06-2006 - 15:02
CVE-2005-2975 7.8
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
20-06-2011 - 00:00 18-11-2005 - 01:03
CVE-2005-2966 5.1
The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
16-06-2011 - 00:00 05-10-2005 - 17:02
CVE-2006-0146 7.5
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty,
14-06-2011 - 00:00 09-01-2006 - 18:03
CVE-2006-3463 7.8
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value,
10-06-2011 - 00:00 02-08-2006 - 21:04
CVE-2007-4311 6.8
The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number ge
25-05-2011 - 00:00 13-08-2007 - 17:17
CVE-2006-0884 9.3
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript U
25-05-2011 - 00:00 24-02-2006 - 17:02
CVE-2005-3570 4.3
Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages".
19-05-2011 - 00:00 16-11-2005 - 02:42
CVE-2005-2177 5.0
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an
19-05-2011 - 00:00 11-07-2005 - 00:00
CVE-2006-1173 5.0
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Se
13-05-2011 - 00:00 07-06-2006 - 19:06
CVE-2006-2276 4.9
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.
31-03-2011 - 00:00 09-05-2006 - 22:14
CVE-2006-2224 5.0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
31-03-2011 - 00:00 05-05-2006 - 15:02
CVE-2006-2223 5.0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST p
31-03-2011 - 00:00 05-05-2006 - 15:02
CVE-2003-0858 2.1
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
31-03-2011 - 00:00 15-12-2003 - 00:00
CVE-2006-4434 5.0
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the sev
10-03-2011 - 00:00 28-08-2006 - 20:04
CVE-2005-3961 5.0
export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter.
10-03-2011 - 00:00 01-12-2005 - 01:03
CVE-2006-4542 6.8
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute program
09-03-2011 - 00:00 05-09-2006 - 19:04
CVE-2008-0007 7.2
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
07-03-2011 - 22:03 07-02-2008 - 21:00
CVE-2007-6694 7.8
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which t
07-03-2011 - 22:03 29-01-2008 - 15:00
CVE-2007-6151 7.2
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
07-03-2011 - 22:02 14-12-2007 - 20:46
CVE-2007-6063 6.9
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.
07-03-2011 - 22:01 20-11-2007 - 19:46
CVE-2007-4308 1.9
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
07-03-2011 - 21:58 13-08-2007 - 17:17
CVE-2007-1547 7.8
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
07-03-2011 - 21:52 20-03-2007 - 18:19
CVE-2007-1546 5.0
Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum para
07-03-2011 - 21:52 20-03-2007 - 18:19
CVE-2007-1545 5.0
The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.
07-03-2011 - 21:52 20-03-2007 - 18:19
CVE-2007-1544 5.0
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples
07-03-2011 - 21:52 20-03-2007 - 18:19
CVE-2007-1543 10.0
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.
07-03-2011 - 21:52 20-03-2007 - 18:19
CVE-2007-1353 2.1
The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function
07-03-2011 - 21:51 24-04-2007 - 12:19
CVE-2007-1343 7.5
includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, wh
07-03-2011 - 21:51 08-03-2007 - 17:19
CVE-2007-1282 9.3
Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long lin
07-03-2011 - 21:51 05-03-2007 - 21:19
CVE-2007-1263 5.0
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes
07-03-2011 - 21:51 06-03-2007 - 15:19
CVE-2007-1218 6.8
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally re
07-03-2011 - 21:51 02-03-2007 - 16:18
CVE-2007-0996 5.8
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us
07-03-2011 - 21:51 26-02-2007 - 21:28
CVE-2007-0995 4.3
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
07-03-2011 - 21:51 26-02-2007 - 14:28
CVE-2007-0778 5.4
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
07-03-2011 - 21:50 26-02-2007 - 15:28
CVE-2007-0654 9.3
Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.
07-03-2011 - 21:50 21-03-2007 - 18:19
CVE-2007-0653 9.3
Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption.
07-03-2011 - 21:50 21-03-2007 - 18:19
CVE-2007-0240 4.3
Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a HTTP GET request.
07-03-2011 - 21:49 22-03-2007 - 14:19
CVE-2006-7140 5.8
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed
07-03-2011 - 21:47 07-03-2007 - 15:19
CVE-2006-6669 6.8
Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter.
07-03-2011 - 21:46 20-12-2006 - 18:28
CVE-2006-6574 5.0
Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.
07-03-2011 - 21:46 15-12-2006 - 14:28
CVE-2006-6505 6.8
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME no
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6503 6.8
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6502 7.1
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6501 6.8
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6499 4.3
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6097 4.0
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
07-03-2011 - 21:45 24-11-2006 - 13:07
CVE-2006-6077 5.0
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matc
07-03-2011 - 21:45 24-11-2006 - 12:07
CVE-2006-6054 4.0
The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.
07-03-2011 - 21:44 21-11-2006 - 20:07
CVE-2006-6053 4.9
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.
07-03-2011 - 21:44 21-11-2006 - 20:07
CVE-2006-5989 5.0
Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.
07-03-2011 - 21:44 20-11-2006 - 16:07
CVE-2006-5464 5.0
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
07-03-2011 - 21:43 08-11-2006 - 16:07
CVE-2006-5463 7.5
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object whi
07-03-2011 - 21:43 08-11-2006 - 17:07
CVE-2006-5462 6.4
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature
07-03-2011 - 21:43 08-11-2006 - 16:07
CVE-2006-5444 7.5
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value
07-03-2011 - 21:43 23-10-2006 - 13:07
CVE-2006-5201 4.0
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (
07-03-2011 - 21:42 10-10-2006 - 00:06
CVE-2006-4810 4.6
Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.
07-03-2011 - 21:42 08-11-2006 - 16:07
CVE-2006-4805 5.0
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a ze
07-03-2011 - 21:42 27-10-2006 - 19:07
CVE-2006-4624 2.6
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
07-03-2011 - 21:41 07-09-2006 - 15:04
CVE-2006-4574 5.0
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length valu
07-03-2011 - 21:41 27-10-2006 - 20:07
CVE-2006-4571 10.0
Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified ve
07-03-2011 - 21:41 15-09-2006 - 15:07
CVE-2006-4568 4.3
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other atta
07-03-2011 - 21:41 15-09-2006 - 15:07
CVE-2006-4566 5.0
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character
07-03-2011 - 21:41 15-09-2006 - 14:07
CVE-2006-4565 9.3
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression
07-03-2011 - 21:41 15-09-2006 - 14:07
CVE-2006-4447 7.2
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those ca
07-03-2011 - 21:40 29-08-2006 - 21:04
CVE-2006-4338 5.0
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
07-03-2011 - 21:40 19-09-2006 - 17:07
CVE-2006-4337 7.5
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
07-03-2011 - 21:40 19-09-2006 - 17:07
CVE-2006-4336 7.5
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
07-03-2011 - 21:40 19-09-2006 - 17:07
CVE-2006-4226 3.6
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have pe
07-03-2011 - 21:40 18-08-2006 - 16:04
CVE-2006-4093 4.9
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."
07-03-2011 - 21:40 21-08-2006 - 17:04
CVE-2006-3913 7.5
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value i
07-03-2011 - 21:39 27-07-2006 - 20:04
CVE-2006-3811 7.5
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory cor
07-03-2011 - 21:39 27-07-2006 - 16:04
CVE-2006-3810 6.8
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
07-03-2011 - 21:39 27-07-2006 - 16:04
CVE-2006-3809 7.5
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a p
07-03-2011 - 21:39 27-07-2006 - 16:04
CVE-2006-3808 7.5
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
07-03-2011 - 21:39 27-07-2006 - 16:04
CVE-2006-3807 7.5
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and callin
07-03-2011 - 21:39 27-07-2006 - 15:04
CVE-2006-3805 7.5
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object
07-03-2011 - 21:39 27-07-2006 - 16:04
CVE-2006-3746 5.0
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
07-03-2011 - 21:39 28-07-2006 - 17:04
CVE-2006-3740 7.2
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and
07-03-2011 - 21:39 12-09-2006 - 21:07
CVE-2006-3739 7.2
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-
07-03-2011 - 21:39 12-09-2006 - 21:07
CVE-2006-3636 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
07-03-2011 - 21:39 05-09-2006 - 20:04
CVE-2006-3619 2.6
Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.
07-03-2011 - 21:39 25-07-2006 - 15:17
CVE-2006-3465 7.5
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.
07-03-2011 - 21:38 02-08-2006 - 21:04
CVE-2006-3461 7.5
Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.
07-03-2011 - 21:38 02-08-2006 - 21:04
CVE-2006-3379 5.0
Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case.
07-03-2011 - 21:38 06-07-2006 - 16:05
CVE-2006-3320 2.6
Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter.
07-03-2011 - 21:38 29-06-2006 - 21:05
CVE-2006-2935 4.6
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device
07-03-2011 - 21:37 05-07-2006 - 14:05
CVE-2006-2787 9.3
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
07-03-2011 - 21:37 02-06-2006 - 16:02
CVE-2006-2786 2.6
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites
07-03-2011 - 21:37 02-06-2006 - 16:02
CVE-2006-2785 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute
07-03-2011 - 21:37 02-06-2006 - 15:02
CVE-2006-2782 4.3
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.
07-03-2011 - 21:37 02-06-2006 - 15:02
CVE-2006-2781 6.4
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 charact
07-03-2011 - 21:37 02-06-2006 - 15:02
CVE-2006-2780 9.3
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
07-03-2011 - 21:37 02-06-2006 - 15:02
CVE-2006-2778 5.0
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer over
07-03-2011 - 21:37 02-06-2006 - 14:02
CVE-2006-2777 7.5
Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifica
07-03-2011 - 21:37 02-06-2006 - 14:02
CVE-2006-2776 7.5
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.
07-03-2011 - 21:37 02-06-2006 - 14:02
CVE-2006-2753 7.5
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properl
07-03-2011 - 21:36 01-06-2006 - 13:02
CVE-2006-2661 5.0
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
07-03-2011 - 21:36 30-05-2006 - 15:02
CVE-2006-2489 7.5
Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header. NOTE: this is a diffe
07-03-2011 - 21:36 19-05-2006 - 19:02
CVE-2006-2458 4.0
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT p
07-03-2011 - 21:36 18-05-2006 - 19:02
CVE-2006-2444 7.8
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees o
07-03-2011 - 21:36 25-05-2006 - 06:02
CVE-2006-2237 5.1
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
07-03-2011 - 21:35 08-05-2006 - 19:02
CVE-2006-2162 5.0
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.
07-03-2011 - 21:35 03-05-2006 - 17:02
CVE-2006-2025 6.5
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
07-03-2011 - 21:34 25-04-2006 - 19:02
CVE-2006-2024 4.0
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (
07-03-2011 - 21:34 25-04-2006 - 19:02
CVE-2006-2016 2.6
Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1989 5.1
Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.
07-03-2011 - 21:34 01-05-2006 - 15:06
CVE-2006-1940 5.0
Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1939 5.0
Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6)
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1938 5.0
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1936 5.0
Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1935 5.0
Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1934 5.0
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1933 5.0
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissectors.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1932 10.0
Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.
07-03-2011 - 21:34 25-04-2006 - 08:50
CVE-2006-1827 6.4
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigne
07-03-2011 - 21:34 18-04-2006 - 16:02
CVE-2006-1790 10.0
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
07-03-2011 - 21:34 14-04-2006 - 15:02
CVE-2006-1742 5.0
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remot
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1741 4.3
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new p
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1740 2.6
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1738 5.0
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (
07-03-2011 - 21:33 14-04-2006 - 14:02
CVE-2006-1737 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via
07-03-2011 - 21:33 14-04-2006 - 14:02
CVE-2006-1736 2.6
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image li
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1735 9.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javas
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1734 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal func
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1733 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1731 4.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are calle
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1727 7.6
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to t
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1726 9.3
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox'
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1724 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via atta
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1629 9.0
OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
07-03-2011 - 21:33 06-04-2006 - 18:04
CVE-2006-1531 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1530 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1529 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1518 6.5
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
07-03-2011 - 21:33 05-05-2006 - 08:46
CVE-2006-1517 5.0
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error m
07-03-2011 - 21:33 05-05-2006 - 08:46
CVE-2006-1516 5.0
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
07-03-2011 - 21:33 05-05-2006 - 08:46
CVE-2006-1354 7.5
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
07-03-2011 - 21:32 21-03-2006 - 21:02
CVE-2006-1045 2.6
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive info
07-03-2011 - 21:31 07-03-2006 - 06:02
CVE-2006-0903 4.6
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query f
07-03-2011 - 21:31 27-02-2006 - 18:02
CVE-2006-0748 9.3
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that
07-03-2011 - 21:30 14-04-2006 - 06:02
CVE-2006-0709 7.5
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
07-03-2011 - 21:30 15-02-2006 - 06:06
CVE-2006-0645 7.5
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
07-03-2011 - 21:30 10-02-2006 - 13:06
CVE-2006-0460 7.5
Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary code via long error messages.
07-03-2011 - 21:30 16-02-2006 - 20:02
CVE-2006-0459 7.5
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contain
07-03-2011 - 21:30 29-03-2006 - 18:02
CVE-2006-0410 5.0
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.
07-03-2011 - 21:30 24-01-2006 - 21:03
CVE-2006-0402 7.5
SQL injection vulnerability in Zoph before 0.5pre1 allows remote attackers to execute arbitrary SQL commands.
07-03-2011 - 21:29 24-01-2006 - 21:03
CVE-2006-0351 5.0
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
07-03-2011 - 21:29 20-01-2006 - 20:03
CVE-2006-0348 5.0
Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtai
07-03-2011 - 21:29 20-01-2006 - 20:03
CVE-2006-0347 5.0
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.
07-03-2011 - 21:29 20-01-2006 - 20:03
CVE-2006-0296 5.0
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil
07-03-2011 - 21:29 02-02-2006 - 15:06
CVE-2006-0293 7.5
The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that opera
07-03-2011 - 21:29 02-02-2006 - 15:06
CVE-2006-0292 7.5
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garb
07-03-2011 - 21:29 02-02-2006 - 15:06
CVE-2006-0162 7.5
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
07-03-2011 - 21:29 10-01-2006 - 14:03
CVE-2006-0051 5.1
Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_
07-03-2011 - 21:29 05-04-2006 - 06:04
CVE-2006-0049 5.0
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
07-03-2011 - 21:29 13-03-2006 - 16:06
CVE-2006-0046 7.8
squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions.
07-03-2011 - 21:29 13-02-2006 - 06:06
CVE-2006-0044 7.5
Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields".
07-03-2011 - 21:29 17-01-2006 - 20:51
CVE-2005-4644 4.3
Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
07-03-2011 - 21:28 31-12-2005 - 00:00
CVE-2005-4601 7.5
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
07-03-2011 - 21:28 31-12-2005 - 00:00
CVE-2005-4524 5.0
Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak.
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4523 5.0
Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information.
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4522 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view_type and (2) target_field parameters.
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4521 5.0
CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via (1) the return parameter in login_cookie_test.php and (2) ref parameter in login_select_proj_pa
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4520 5.0
Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear wh
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4519 7.5
Multiple SQL injection vulnerabilities in the manage user page (manage_user_page.php) in Mantis 1.0.0rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prefix and (2) sort parameters to the manage user page (manage_u
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4518 7.5
Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php.
07-03-2011 - 21:28 27-12-2005 - 20:03
CVE-2005-4470 7.5
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negativ
07-03-2011 - 21:28 21-12-2005 - 19:03
CVE-2005-4238 4.3
Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter.
07-03-2011 - 21:27 14-12-2005 - 06:03
CVE-2005-4189 3.5
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deletin
07-03-2011 - 21:27 13-12-2005 - 06:03
CVE-2005-4178 6.5
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operati
07-03-2011 - 21:27 12-12-2005 - 16:03
CVE-2005-4065 7.5
SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
07-03-2011 - 21:27 07-12-2005 - 06:03
CVE-2005-3982 5.0
CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.
07-03-2011 - 21:27 04-12-2005 - 06:03
CVE-2005-3975 4.0
Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF or JPEG file extension, which causes the HTML to be execu
07-03-2011 - 21:27 03-12-2005 - 14:03
CVE-2005-3974 6.4
Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.
07-03-2011 - 21:27 03-12-2005 - 14:03
CVE-2005-3973 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allow remote attackers to inject arbitrary web script or HTML via various HTML tags and values, such as the (1) legend tag and the value paramet
07-03-2011 - 21:27 03-12-2005 - 14:03
CVE-2005-3949 7.5
Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_templat
07-03-2011 - 21:27 01-12-2005 - 01:03
CVE-2005-3912 7.5
Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary
07-03-2011 - 21:27 30-11-2005 - 06:03
CVE-2005-3737 5.1
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.
07-03-2011 - 21:27 21-11-2005 - 19:03
CVE-2005-3651 7.5
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
07-03-2011 - 21:26 10-12-2005 - 06:03
CVE-2005-3559 5.0
Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter.
07-03-2011 - 21:26 16-11-2005 - 02:42
CVE-2005-3318 5.1
Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930.
07-03-2011 - 21:26 27-10-2005 - 06:02
CVE-2005-3301 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
07-03-2011 - 21:26 24-10-2005 - 06:02
CVE-2005-3256 5.0
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.
07-03-2011 - 21:26 18-10-2005 - 17:02
CVE-2005-3186 7.5
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer o
07-03-2011 - 21:25 18-11-2005 - 01:03
CVE-2005-2969 5.0
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allow
07-03-2011 - 21:25 18-10-2005 - 17:02
CVE-2005-2968 7.5
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
07-03-2011 - 21:25 20-09-2005 - 18:03
CVE-2005-2728 5.0
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
07-03-2011 - 21:24 30-08-2005 - 07:45
CVE-2005-2707 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2706 6.4
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2705 7.5
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2704 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2703 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smugglin
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2702 7.5
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2701 7.5
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2553 2.1
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace pr
07-03-2011 - 21:24 12-08-2005 - 00:00
CVE-2005-2337 7.5
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).
07-03-2011 - 21:24 07-10-2005 - 19:02
CVE-2005-2335 5.0
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifie
07-03-2011 - 21:24 27-07-2005 - 00:00
CVE-2005-2272 2.6
Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2270 7.5
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2269 7.5
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2268 2.6
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "D
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2267 7.5
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may le
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2266 5.0
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensit
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2265 5.0
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2264 7.5
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2263 5.0
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which ca
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2262 5.1
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a java
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2261 7.5
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
07-03-2011 - 21:23 13-07-2005 - 00:00
CVE-2005-2260 7.5
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dan
07-03-2011 - 21:23 13-07-2005 - 00:00
CVE-2005-2149 10.0
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
07-03-2011 - 21:23 06-07-2005 - 00:00
CVE-2005-2148 7.5
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the att
07-03-2011 - 21:23 06-07-2005 - 00:00
CVE-2005-2097 2.1
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when
07-03-2011 - 21:23 16-08-2005 - 00:00
CVE-2005-1993 3.7
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
07-03-2011 - 21:23 20-06-2005 - 00:00
CVE-2005-1937 2.6
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that wa
07-03-2011 - 21:23 14-06-2005 - 00:00
CVE-2005-1767 2.1
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
07-03-2011 - 21:22 05-08-2005 - 00:00
CVE-2005-1762 2.1
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.
07-03-2011 - 21:22 02-08-2005 - 00:00
CVE-2005-1761 2.1
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
07-03-2011 - 21:22 05-08-2005 - 00:00
CVE-2005-1730 9.3
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this
07-03-2011 - 21:22 31-12-2005 - 00:00
CVE-2005-1532 7.5
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a va
07-03-2011 - 21:22 12-05-2005 - 00:00
CVE-2005-1268 5.0
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one
07-03-2011 - 21:21 05-08-2005 - 00:00
CVE-2005-1260 5.0
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
07-03-2011 - 21:21 19-05-2005 - 00:00
CVE-2005-1160 5.1
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval func
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2005-1159 7.5
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the w
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2004-0827 7.5
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3)
07-03-2011 - 21:16 16-09-2004 - 00:00
CVE-2004-0451 10.0
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
07-03-2011 - 21:15 06-12-2004 - 00:00
CVE-2003-0866 5.0
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
07-03-2011 - 21:13 17-11-2003 - 00:00
CVE-2003-0545 10.0
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0544 5.0
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer wh
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0026 7.5
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long
07-03-2011 - 21:11 17-01-2003 - 00:00
CVE-2002-1581 5.0
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
07-03-2011 - 21:10 06-12-2004 - 00:00
CVE-2002-0392 7.5
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
07-03-2011 - 21:08 03-07-2002 - 00:00
CVE-2001-1258 3.6
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
07-03-2011 - 21:07 21-07-2001 - 00:00
CVE-2001-1257 7.5
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.
07-03-2011 - 21:07 21-07-2001 - 00:00
CVE-2001-0886 4.6
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
07-03-2011 - 21:06 21-12-2001 - 00:00
CVE-2007-0981 7.5
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
07-03-2011 - 00:00 15-02-2007 - 20:28
CVE-2006-3392 5.0
Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before byt
07-03-2011 - 00:00 06-07-2006 - 16:05
CVE-2006-2898 7.5
The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check
07-03-2011 - 00:00 07-06-2006 - 06:02
CVE-2006-2779 9.3
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented
07-03-2011 - 00:00 02-06-2006 - 15:02
CVE-2006-1993 5.1
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which ca
07-03-2011 - 00:00 25-04-2006 - 08:50
CVE-2006-1942 5.1
Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-i
07-03-2011 - 00:00 20-04-2006 - 18:02
CVE-2006-1861 7.5
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_
07-03-2011 - 00:00 23-05-2006 - 06:06
CVE-2006-1739 9.3
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
07-03-2011 - 00:00 14-04-2006 - 06:02
CVE-2006-1730 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing prop
07-03-2011 - 00:00 14-04-2006 - 06:02
CVE-2006-1721 2.6
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in
07-03-2011 - 00:00 11-04-2006 - 19:02
CVE-2006-0749 9.3
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
07-03-2011 - 00:00 14-04-2006 - 06:02
CVE-2006-0467 5.0
Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages.
07-03-2011 - 00:00 30-01-2006 - 21:03
CVE-2005-3656 10.0
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the us
07-03-2011 - 00:00 31-12-2005 - 00:00
CVE-2005-3354 5.1
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
07-03-2011 - 00:00 20-11-2005 - 16:03
CVE-2005-3185 7.5
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary co
07-03-2011 - 00:00 13-10-2005 - 18:02
CVE-2001-1009 10.0
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
16-02-2011 - 00:00 31-08-2001 - 00:00
CVE-2007-1007 10.0
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting
15-09-2010 - 01:45 20-02-2007 - 12:28
CVE-2006-5823 4.0
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
15-09-2010 - 01:30 09-11-2006 - 06:07
CVE-2006-5753 7.2
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
15-09-2010 - 01:30 30-01-2007 - 14:28
CVE-2006-4570 2.6
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forward
15-09-2010 - 01:25 15-09-2006 - 15:07
CVE-2006-4380 2.1
MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
15-09-2010 - 01:21 28-08-2006 - 14:04
CVE-2006-4535 4.9
The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for speci
15-09-2010 - 00:00 19-09-2006 - 15:07
CVE-2007-5093 4.0
The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consump
21-08-2010 - 01:11 26-09-2007 - 17:17
CVE-2007-3848 1.9
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death sig
21-08-2010 - 01:08 14-08-2007 - 13:17
CVE-2006-3468 7.8
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error an
21-08-2010 - 00:49 21-07-2006 - 10:03
CVE-2006-2788 7.5
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
21-08-2010 - 00:48 02-06-2006 - 17:06
CVE-2006-2446 5.4
Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests
21-08-2010 - 00:47 15-08-2006 - 18:04
CVE-2006-2120 2.1
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
21-08-2010 - 00:46 01-05-2006 - 18:06
CVE-2006-1856 7.5
Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.
21-08-2010 - 00:45 19-05-2006 - 19:02
CVE-2006-1855 2.1
choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.
21-08-2010 - 00:45 18-05-2006 - 15:06
CVE-2005-4798 5.0
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the
21-08-2010 - 00:37 31-12-2005 - 00:00
CVE-2005-4744 6.4
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the ex
21-08-2010 - 00:36 31-12-2005 - 00:00
CVE-2005-3272 5.0
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
21-08-2010 - 00:33 20-10-2005 - 21:02
CVE-2005-3120 7.5
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
21-08-2010 - 00:33 17-10-2005 - 16:06
CVE-2005-3110 2.6
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3108 2.1
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3107 2.1
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3106 1.2
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just per
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3105 2.1
The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-1763 7.2
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
21-08-2010 - 00:29 09-06-2005 - 00:00
CVE-2005-1345 7.5
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
21-08-2010 - 00:28 02-05-2005 - 00:00
CVE-2005-1265 2.1
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
21-08-2010 - 00:28 16-06-2005 - 00:00
CVE-2005-0762 7.5
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0760 5.0
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0759 5.0
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
21-08-2010 - 00:26 23-03-2005 - 00:00
CVE-2005-0757 2.1
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with
21-08-2010 - 00:26 18-05-2005 - 00:00
CVE-2005-0711 2.1
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0638 7.5
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
21-08-2010 - 00:26 02-03-2005 - 00:00
CVE-2005-0605 7.5
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
21-08-2010 - 00:26 02-03-2005 - 00:00
CVE-2005-0102 7.2
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
21-08-2010 - 00:25 24-01-2005 - 00:00
CVE-2004-2660 4.9
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.
21-08-2010 - 00:24 31-12-2004 - 00:00
CVE-2004-1142 5.0
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
21-08-2010 - 00:21 15-12-2004 - 00:00
CVE-2004-1026 10.0
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image f
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-1025 10.0
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-0983 5.0
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
21-08-2010 - 00:21 01-03-2005 - 00:00
CVE-2004-0804 5.0
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452
21-08-2010 - 00:21 03-11-2004 - 00:00
CVE-2004-0788 5.0
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0778 5.0
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0693 5.0
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.
21-08-2010 - 00:21 28-09-2004 - 00:00
CVE-2004-0178 2.1
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number
21-08-2010 - 00:19 01-06-2004 - 00:00
CVE-2004-0097 10.0
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0010 7.2
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0003 4.6
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2003-1013 5.0
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-1012 5.0
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-0927 7.5
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0926 5.0
Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0925 7.5
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0856 4.9
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
21-08-2010 - 00:16 15-12-2003 - 00:00
CVE-2003-0461 2.1
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
21-08-2010 - 00:16 27-08-2003 - 00:00
CVE-2003-0427 7.5
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
21-08-2010 - 00:16 24-07-2003 - 00:00
CVE-2006-1550 7.6
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of poi
21-08-2010 - 00:00 30-03-2006 - 18:02
CVE-2005-3109 2.1
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
21-08-2010 - 00:00 30-09-2005 - 06:05
CVE-2004-2758 7.5
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite
29-05-2010 - 00:27 31-12-2004 - 00:00
CVE-2006-1655 6.5
Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it i
02-04-2010 - 03:23 06-04-2006 - 06:04
CVE-2006-0151 7.2
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
02-04-2010 - 02:36 09-01-2006 - 18:03
CVE-2005-4746 7.8
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
02-04-2010 - 02:30 31-12-2005 - 00:00
CVE-2005-4745 7.5
SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
02-04-2010 - 02:30 31-12-2005 - 00:00
CVE-2005-3348 4.3
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in th
02-04-2010 - 01:58 17-11-2005 - 21:02
CVE-2005-3347 6.8
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the
02-04-2010 - 01:57 17-11-2005 - 21:02
CVE-2002-0388 7.5
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
21-07-2009 - 17:00 18-06-2002 - 00:00
CVE-2004-0054 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.22
04-03-2009 - 00:21 17-02-2004 - 00:00
CVE-2007-6611 4.3
Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.
15-11-2008 - 02:05 03-01-2008 - 17:46
CVE-2003-0308 7.2
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
11-11-2008 - 00:29 15-05-2003 - 00:00
CVE-2003-0018 3.6
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
10-09-2008 - 20:05 19-02-2003 - 00:00
CVE-2002-0166 7.5
Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2005-2971 7.5
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
10-09-2008 - 15:44 20-10-2005 - 06:02
CVE-2005-2659 10.0
Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors.
10-09-2008 - 15:42 16-11-2005 - 02:42
CVE-2005-0385 7.2
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
10-09-2008 - 15:35 02-05-2005 - 00:00
CVE-2005-0157 7.5
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned.
10-09-2008 - 15:35 03-05-2005 - 00:00
CVE-2004-1176 7.5
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 15:29 14-04-2005 - 00:00
CVE-2004-1175 7.5
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
10-09-2008 - 15:29 14-04-2005 - 00:00
CVE-2004-1174 5.0
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
10-09-2008 - 15:29 14-04-2005 - 00:00
CVE-2004-1093 5.0
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1092 5.0
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1091 5.0
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1090 5.0
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1009 5.0
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1005 7.5
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-1004 7.5
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
10-09-2008 - 15:28 14-04-2005 - 00:00
CVE-2004-0999 2.6
zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images.
10-09-2008 - 15:28 31-12-2004 - 00:00
CVE-2004-0579 7.2
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
10-09-2008 - 15:26 06-08-2004 - 00:00
CVE-2004-0547 5.0
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
10-09-2008 - 15:26 06-08-2004 - 00:00
CVE-2004-0473 2.6
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) t
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0456 7.6
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
10-09-2008 - 15:26 06-12-2004 - 00:00
CVE-2004-0404 1.2
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0402 4.6
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0400 7.5
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0399 7.5
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0376 5.0
oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value.
10-09-2008 - 15:26 04-05-2004 - 00:00
CVE-2004-0371 5.0
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
10-09-2008 - 15:25 04-05-2004 - 00:00
CVE-2004-0232 5.0
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0231 2.1
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0226 10.0
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0150 7.5
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
10-09-2008 - 15:25 15-04-2004 - 00:00
CVE-2004-0111 5.0
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
10-09-2008 - 15:25 15-04-2004 - 00:00
CVE-2004-0014 7.5
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.
10-09-2008 - 15:24 20-01-2004 - 00:00
CVE-2003-0965 6.8
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
10-09-2008 - 15:21 17-02-2004 - 00:00
CVE-2003-0933 4.6
Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.
10-09-2008 - 15:20 01-12-2003 - 00:00
CVE-2003-0932 4.6
Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.
10-09-2008 - 15:20 15-12-2003 - 00:00
CVE-2003-0902 7.5
Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands.
10-09-2008 - 15:20 03-02-2004 - 00:00
CVE-2003-0833 7.5
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0832 5.0
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0830 4.6
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0785 7.5
ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.
10-09-2008 - 15:20 06-10-2003 - 00:00
CVE-2003-0778 5.0
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0777 5.0
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0776 7.5
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0775 5.0
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0774 7.5
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0706 5.0
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
10-09-2008 - 15:20 17-09-2003 - 00:00
CVE-2003-0705 7.5
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.
10-09-2008 - 15:20 17-09-2003 - 00:00
CVE-2003-0672 7.5
Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0654 7.5
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0649 7.2
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0643 2.1
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
10-09-2008 - 15:20 25-07-2003 - 00:00
CVE-2003-0613 4.6
Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0606 4.6
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0592 7.5
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie o
10-09-2008 - 15:19 15-04-2004 - 00:00
CVE-2003-0552 5.0
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0551 5.0
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0550 5.0
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0538 7.5
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0535 7.2
Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display command line option.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0515 7.5
SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0462 1.2
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0450 7.5
Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buff
10-09-2008 - 15:19 07-08-2003 - 00:00
CVE-2003-0440 4.6
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0432 10.0
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0431 10.0
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0429 7.5
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0428 5.0
Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0370 7.5
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0367 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10-09-2008 - 15:18 02-07-2003 - 00:00
CVE-2003-0364 5.0
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0357 7.5
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0356 10.0
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) R
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0261 4.6
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.
10-09-2008 - 15:18 27-05-2003 - 00:00
CVE-2003-0248 10.0
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0247 5.0
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0207 2.1
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0188 7.2
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0173 7.2
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0136 2.1
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0099 7.2
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0098 10.0
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0093 5.0
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2002-1508 1.2
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
10-09-2008 - 15:14 19-02-2003 - 00:00
CVE-2002-1395 2.1
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files vi
10-09-2008 - 15:14 17-01-2003 - 00:00
CVE-2002-1390 5.0
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
10-09-2008 - 15:14 17-01-2003 - 00:00
CVE-2002-1389 4.6
Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input.
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1380 2.1
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.
10-09-2008 - 15:14 23-12-2002 - 00:00
CVE-2002-1379 7.5
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1378 7.5
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter function
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1363 7.5
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buff
10-09-2008 - 15:14 26-12-2002 - 00:00
CVE-2002-1362 5.0
mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character.
10-09-2008 - 15:14 23-12-2002 - 00:00
CVE-2002-1313 2.1
nullmailer 1.00RC5 and earlier allows local users to cause a denial of service via an email to a local user that does not exist, which generates an error that causes nullmailer to stop sending mail to all users.
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1307 6.8
Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name.
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1279 7.2
Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file (-C option).
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1193 2.1
tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink attack on temporary files.
10-09-2008 - 15:14 28-10-2002 - 00:00
CVE-2002-1159 6.4
Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak.
10-09-2008 - 15:13 18-12-2002 - 00:00
CVE-2002-0984 7.5
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code.
10-09-2008 - 15:13 24-09-2002 - 00:00
CVE-2002-0875 2.1
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0874 5.0
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0873 5.0
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0872 7.5
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0834 7.5
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
10-09-2008 - 15:12 24-09-2002 - 00:00
CVE-2002-0666 5.0
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP)
10-09-2008 - 15:12 04-11-2002 - 00:00
CVE-2002-0659 5.0
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0657 7.5
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0656 7.5
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0655 7.5
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0353 5.0
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
10-09-2008 - 15:11 25-06-2002 - 00:00
CVE-2002-0059 7.5
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary cod
10-09-2008 - 15:11 15-03-2002 - 00:00
CVE-2002-0044 3.6
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
10-09-2008 - 15:11 31-01-2002 - 00:00
CVE-2002-0029 7.5
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the
10-09-2008 - 15:11 29-11-2002 - 00:00
CVE-2001-1331 1.2
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.
10-09-2008 - 15:10 03-05-2001 - 00:00
CVE-2001-1322 3.6
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
10-09-2008 - 15:10 10-07-2001 - 00:00
CVE-2001-1228 7.5
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
10-09-2008 - 15:09 18-11-2001 - 00:00
CVE-2001-1077 4.6
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.
10-09-2008 - 15:09 15-06-2001 - 00:00
CVE-2001-1027 10.0
Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title.
10-09-2008 - 15:09 31-08-2001 - 00:00
CVE-2001-0763 7.5
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
10-09-2008 - 15:08 18-10-2001 - 00:00
CVE-2001-0609 10.0
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
10-09-2008 - 15:08 02-08-2001 - 00:00
CVE-2001-0559 7.2
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0556 7.2
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file.
10-09-2008 - 15:08 22-08-2001 - 00:00
CVE-2001-0522 7.5
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0458 7.5
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
10-09-2008 - 15:08 27-06-2001 - 00:00
CVE-2001-0316 4.6
Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.
10-09-2008 - 15:07 03-05-2001 - 00:00
CVE-2001-0012 5.0
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
10-09-2008 - 15:07 12-02-2001 - 00:00
CVE-2001-0010 10.0
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
10-09-2008 - 15:07 12-02-2001 - 00:00
CVE-2003-0914 4.3
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
10-09-2008 - 00:00 15-12-2003 - 00:00
CVE-2007-3375 6.8
Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.
05-09-2008 - 17:25 25-06-2007 - 16:30
CVE-2006-4436 5.0
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the
05-09-2008 - 17:09 28-08-2006 - 20:04
CVE-2006-4310 4.3
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
05-09-2008 - 17:09 23-08-2006 - 15:04
CVE-2006-3378 7.2
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or
05-09-2008 - 17:06 06-07-2006 - 16:05
CVE-2006-2542 2.1
xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption).
05-09-2008 - 17:04 23-05-2006 - 06:06
CVE-2006-2230 5.0
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than
05-09-2008 - 17:04 05-05-2006 - 15:02
CVE-2006-1744 4.6
Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
05-09-2008 - 17:02 12-04-2006 - 18:02
CVE-2006-1244 7.6
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving error
05-09-2008 - 17:01 15-03-2006 - 14:06
CVE-2006-0600 5.0
elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.
05-09-2008 - 16:59 13-02-2006 - 06:06
CVE-2006-0599 5.0
The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames.
05-09-2008 - 16:59 13-02-2006 - 06:06
CVE-2006-0598 7.5
Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file.
05-09-2008 - 16:59 13-02-2006 - 06:06
CVE-2006-0597 7.5
Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long "revision attributes".
05-09-2008 - 16:59 13-02-2006 - 06:06
CVE-2006-0083 4.6
Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors.
05-09-2008 - 16:58 09-01-2006 - 15:03
CVE-2005-4816 7.5
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
05-09-2008 - 16:57 31-12-2005 - 00:00
CVE-2005-4803 3.6
graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issu
05-09-2008 - 16:57 31-12-2005 - 00:00
CVE-2005-4426 4.0
Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer
05-09-2008 - 16:56 20-12-2005 - 06:03
CVE-2005-3885 2.1
The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file.
05-09-2008 - 16:55 29-11-2005 - 14:03
CVE-2005-3668 5.0
Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
05-09-2008 - 16:54 18-11-2005 - 16:03
CVE-2005-3667 5.0
Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite
05-09-2008 - 16:54 18-11-2005 - 16:03
CVE-2005-3666 10.0
Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NO
05-09-2008 - 16:54 18-11-2005 - 16:03
CVE-2005-3537 5.0
A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs.
05-09-2008 - 16:54 22-12-2005 - 18:03
CVE-2005-3536 7.5
SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type.
05-09-2008 - 16:54 22-12-2005 - 18:03
CVE-2005-3477 4.3
Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered
05-09-2008 - 16:54 02-11-2005 - 21:02
CVE-2005-3409 5.0
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
05-09-2008 - 16:54 01-11-2005 - 19:02
CVE-2005-3302 7.5
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
05-09-2008 - 16:54 24-10-2005 - 06:02
CVE-2005-3091 4.3
Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 "thraxisp".
05-09-2008 - 16:53 28-09-2005 - 18:03
CVE-2005-3081 4.6
wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.
05-09-2008 - 16:53 27-09-2005 - 16:03
CVE-2005-2869 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.
05-09-2008 - 16:52 08-09-2005 - 19:03
CVE-2005-2660 2.1
apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
05-09-2008 - 16:52 30-09-2005 - 15:10
CVE-2005-2654 7.5
phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set.
05-09-2008 - 16:52 30-08-2005 - 13:03
CVE-2005-2596 4.6
User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.
05-09-2008 - 16:52 17-08-2005 - 00:00
CVE-2005-2536 7.5
pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file.
05-09-2008 - 16:52 10-08-2005 - 00:00
CVE-2005-2411 5.1
Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.
05-09-2008 - 16:51 01-08-2005 - 00:00
CVE-2005-2353 2.1
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:51 05-08-2005 - 00:00
CVE-2005-2320 7.5
WebCalendar before 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote attackers to gain privileges.
05-09-2008 - 16:51 19-07-2005 - 00:00
CVE-2005-2274 2.6
Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin S
05-09-2008 - 16:51 13-07-2005 - 00:00
CVE-2005-2273 2.6
Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoof
05-09-2008 - 16:51 13-07-2005 - 00:00
CVE-2005-2271 2.6
iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability
05-09-2008 - 16:51 13-07-2005 - 00:00
CVE-2005-2256 5.0
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
05-09-2008 - 16:51 13-07-2005 - 00:00
CVE-2005-2250 7.5
Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.
05-09-2008 - 16:51 13-07-2005 - 00:00
CVE-2005-2147 6.4
Trac before 0.8.4 allows remote attackers to read or upload arbitrary files via a full pathname in the id parameter to the (1) upload or (2) attachment viewer scripts.
05-09-2008 - 16:51 06-07-2005 - 00:00
CVE-2005-2101 5.0
langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files.
05-09-2008 - 16:50 17-08-2005 - 00:00
CVE-2005-2007 6.4
Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts.
05-09-2008 - 16:50 19-06-2005 - 00:00
CVE-2005-1914 2.1
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
05-09-2008 - 16:50 18-07-2005 - 00:00
CVE-2005-1858 2.1
FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.
05-09-2008 - 16:50 03-06-2005 - 00:00
CVE-2005-1765 2.1
syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.
05-09-2008 - 16:50 31-05-2005 - 00:00
CVE-2005-1526 7.5
PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.
05-09-2008 - 16:49 22-06-2005 - 00:00
CVE-2005-1525 7.5
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
05-09-2008 - 16:49 22-06-2005 - 00:00
CVE-2005-1524 5.0
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
05-09-2008 - 16:49 22-06-2005 - 00:00
CVE-2005-1120 4.3
Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME type.
05-09-2008 - 16:48 02-05-2005 - 00:00
CVE-2005-0639 7.5
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
05-09-2008 - 16:46 02-03-2005 - 00:00
CVE-2005-0523 7.5
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
05-09-2008 - 16:46 02-05-2005 - 00:00
CVE-2005-0390 7.5
Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.
05-09-2008 - 16:46 02-05-2005 - 00:00
CVE-2005-0388 7.5
Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising."
05-09-2008 - 16:46 02-05-2005 - 00:00
CVE-2005-0387 2.1
remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:46 02-05-2005 - 00:00
CVE-2005-0099 2.1
The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files.
05-09-2008 - 16:45 08-03-2005 - 00:00
CVE-2005-0098 4.6
Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line.
05-09-2008 - 16:45 08-03-2005 - 00:00
CVE-2004-2731 4.4
Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size t
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2629 7.8
Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2569 2.1
ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users to overwrite arbitrary files via a symlink attack on the ipmenu.log temporary file.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-1379 7.5
Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first
05-09-2008 - 16:41 16-09-2004 - 00:00
CVE-2004-1343 5.0
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
05-09-2008 - 16:41 31-12-2004 - 00:00
CVE-2004-1342 7.5
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
05-09-2008 - 16:41 27-04-2005 - 00:00
CVE-2004-1106 6.8
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
05-09-2008 - 16:40 10-01-2005 - 00:00
CVE-2004-0993 10.0
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
05-09-2008 - 16:40 10-01-2005 - 00:00
CVE-2004-0970 2.1
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
05-09-2008 - 16:39 09-02-2005 - 00:00
CVE-2004-0522 10.0
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
05-09-2008 - 16:38 06-08-2004 - 00:00
CVE-2004-0458 5.0
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
05-09-2008 - 16:38 28-09-2004 - 00:00
CVE-2004-0454 7.2
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0450 10.0
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
05-09-2008 - 16:38 06-08-2004 - 00:00
CVE-2004-0448 10.0
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0422 2.1
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
05-09-2008 - 16:38 07-07-2004 - 00:00
CVE-2004-0408 7.5
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.
05-09-2008 - 16:38 28-09-2004 - 00:00
CVE-2004-0395 7.2
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0374 6.4
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.
05-09-2008 - 16:38 04-05-2004 - 00:00
CVE-2004-0185 10.0
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0160 7.2
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
05-09-2008 - 16:37 29-03-2004 - 00:00
CVE-2004-0157 4.6
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
05-09-2008 - 16:37 01-06-2004 - 00:00
CVE-2004-0151 7.2
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.
05-09-2008 - 16:37 15-04-2004 - 00:00
CVE-2004-0149 4.6
Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges.
05-09-2008 - 16:37 04-05-2004 - 00:00
CVE-2004-0108 4.6
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
05-09-2008 - 16:37 15-04-2004 - 00:00
CVE-2004-0103 4.6
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow.
05-09-2008 - 16:37 03-03-2004 - 00:00
CVE-2004-0094 7.5
Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0093 7.5
XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI).
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0056 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of servi
05-09-2008 - 16:37 17-02-2004 - 00:00
CVE-2004-0047 4.6
Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges.
05-09-2008 - 16:37 03-03-2004 - 00:00
CVE-2004-0041 7.5
The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0028 7.5
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0017 7.5
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0016 7.5
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0015 7.2
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0013 5.0
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0011 7.5
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
05-09-2008 - 16:37 20-01-2004 - 00:00
CVE-2003-1022 7.5
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
05-09-2008 - 16:35 20-01-2004 - 00:00
CVE-2003-0991 5.0
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
05-09-2008 - 16:35 03-03-2004 - 00:00
CVE-2003-0949 4.6
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
05-09-2008 - 16:35 03-02-2004 - 00:00
CVE-2003-0924 3.7
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
05-09-2008 - 16:35 17-02-2004 - 00:00
CVE-2003-0901 7.5
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
05-09-2008 - 16:35 03-11-2003 - 00:00
CVE-2003-0782 10.0
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:35 04-05-2004 - 00:00
CVE-2003-0781 10.0
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.
05-09-2008 - 16:35 04-05-2004 - 00:00
CVE-2003-0708 7.5
Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code.
05-09-2008 - 16:35 20-10-2003 - 00:00
CVE-2003-0707 7.5
Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.
05-09-2008 - 16:35 20-10-2003 - 00:00
CVE-2003-0657 7.5
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0648 10.0
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
05-09-2008 - 16:34 04-05-2004 - 00:00
CVE-2003-0618 2.1
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
05-09-2008 - 16:34 04-05-2004 - 00:00
CVE-2003-0611 4.6
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0607 4.6
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.
05-09-2008 - 16:34 29-03-2004 - 00:00
CVE-2003-0599 10.0
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0537 4.6
The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users.
05-09-2008 - 16:34 18-08-2003 - 00:00
CVE-2003-0500 10.0
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER nam
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0489 7.2
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0454 7.2
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0452 4.6
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0451 4.6
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0445 7.5
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0444 7.5
Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.
05-09-2008 - 16:34 29-03-2004 - 00:00
CVE-2003-0441 7.2
Multiple buffer overflows in Orville Write (orville-write) 2.53 and earlier allow local users to gain privileges.
05-09-2008 - 16:34 03-03-2004 - 00:00
CVE-2003-0438 1.2
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0433 7.5
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0381 2.1
Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0380 7.5
Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename.
05-09-2008 - 16:34 02-07-2003 - 00:00
CVE-2003-0366 5.0
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0362 5.0
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0361 7.5
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0360 7.5
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0359 4.6
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0328 7.5
EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0322 5.0
Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash).
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0262 7.2
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
05-09-2008 - 16:33 27-05-2003 - 00:00
CVE-2003-0202 4.6
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:33 15-04-2004 - 00:00
CVE-2003-0167 7.5
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafte
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0145 5.0
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
05-09-2008 - 16:33 31-03-2003 - 00:00
CVE-2003-0081 7.5
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
05-09-2008 - 16:33 18-03-2003 - 00:00
CVE-2003-0040 7.5
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
05-09-2008 - 16:33 19-02-2003 - 00:00
CVE-2002-1783 5.0
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or
05-09-2008 - 16:31 31-12-2002 - 00:00
CVE-2002-1580 7.5
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
05-09-2008 - 16:30 14-06-2004 - 00:00
CVE-2002-1478 10.0
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
05-09-2008 - 16:30 22-04-2003 - 00:00
CVE-2002-1477 7.5
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.
05-09-2008 - 16:30 22-04-2003 - 00:00
CVE-2002-1425 6.4
Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1424 5.0
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1412 7.5
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1388 4.3
Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.
05-09-2008 - 16:30 02-01-2003 - 00:00
CVE-2002-1335 4.3
Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies.
05-09-2008 - 16:30 11-12-2002 - 00:00
CVE-2002-1276 4.3
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.
05-09-2008 - 16:30 29-11-2002 - 00:00
CVE-2002-1251 10.0
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-1157 7.5
Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS respons
05-09-2008 - 16:29 04-11-2002 - 00:00
CVE-2002-1132 5.0
SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1131 7.5
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1050 7.5
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1049 5.0
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0983 5.0
IRC client irssi in irssi-text before 0.8.4 allows remote attackers to cause a denial of service (crash) via an IRC channel that has a long topic followed by a certain string, possibly triggering a buffer overflow.
05-09-2008 - 16:29 24-09-2002 - 00:00
CVE-2002-0912 5.0
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0855 7.5
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
05-09-2008 - 16:29 05-09-2002 - 00:00
CVE-2002-0738 7.5
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC ar
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0728 5.0
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0688 7.5
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
05-09-2008 - 16:28 23-07-2002 - 00:00
CVE-2002-0497 2.1
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0467 10.0
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0179 7.5
Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.
05-09-2008 - 16:27 22-04-2002 - 00:00
CVE-2002-0063 7.5
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
05-09-2008 - 16:27 08-03-2002 - 00:00
CVE-2002-0062 7.2
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
05-09-2008 - 16:27 08-03-2002 - 00:00
CVE-2002-0047 5.0
CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet.
05-09-2008 - 16:27 31-01-2002 - 00:00
CVE-2001-1561 7.2
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
05-09-2008 - 16:26 31-12-2001 - 00:00
CVE-2001-1272 4.6
wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.
05-09-2008 - 16:26 06-12-2001 - 00:00
CVE-2001-1162 10.0
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
05-09-2008 - 16:25 23-06-2001 - 00:00
CVE-2001-1083 5.0
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
05-09-2008 - 16:25 26-06-2001 - 00:00
CVE-2001-1035 7.5
Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.
05-09-2008 - 16:25 24-09-2001 - 00:00
CVE-2001-1034 7.2
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
05-09-2008 - 16:25 23-09-2001 - 00:00
CVE-2001-1022 7.5
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
05-09-2008 - 16:25 26-07-2001 - 00:00
CVE-2001-0977 5.0
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
05-09-2008 - 16:25 16-07-2001 - 00:00
CVE-2001-0961 10.0
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most.
05-09-2008 - 16:25 18-09-2001 - 00:00
CVE-2001-0925 5.0
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1
05-09-2008 - 16:25 12-03-2001 - 00:00
CVE-2001-0905 6.2
Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.
05-09-2008 - 16:25 18-10-2001 - 00:00
CVE-2001-0887 1.2
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.
05-09-2008 - 16:25 15-01-2002 - 00:00
CVE-2001-0784 5.0
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0735 7.2
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0700 7.5
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0690 7.5
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0623 4.6
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
05-09-2008 - 16:24 02-08-2001 - 00:00
CVE-2001-0569 2.1
Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet.
05-09-2008 - 16:24 22-08-2001 - 00:00
CVE-2001-0568 2.1
Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes.
05-09-2008 - 16:24 22-08-2001 - 00:00
CVE-2001-0554 10.0
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
05-09-2008 - 16:24 14-08-2001 - 00:00
CVE-2001-0406 2.1
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
05-09-2008 - 16:24 02-07-2001 - 00:00
CVE-2001-0387 7.2
Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.
05-09-2008 - 16:23 02-07-2001 - 00:00
CVE-2001-0301 10.0
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0289 4.6
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to exec
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0279 7.2
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0235 2.1
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0233 10.0
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0197 10.0
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0169 2.1
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library fro
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0136 5.0
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
05-09-2008 - 16:23 12-03-2001 - 00:00
CVE-2001-0110 7.2
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
05-09-2008 - 16:23 12-03-2001 - 00:00
CVE-2000-1109 4.6
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the co
05-09-2008 - 16:22 09-01-2001 - 00:00
CVE-1999-1562 4.6
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
05-09-2008 - 16:19 05-09-1999 - 00:00
CVE-1999-0997 7.5
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
05-09-2008 - 16:18 20-12-1999 - 00:00
CVE-2004-0455 10.0
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
20-10-2005 - 00:00 06-12-2004 - 00:00
CVE-2003-0358 4.6
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
20-10-2005 - 00:00 09-06-2003 - 00:00
Back to Top Mark selected
Back to Top