Searching call software vulnerabilities

pcnfsd (aka rpc.pcnfsd) allows local users to c

pcnfsd |

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.


Vulnerability in a certain system call in SCO U

Vulnerability | UnixWare | certain | system | call | 20x | SCO |

Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.


Format string vulnerability in startprinting()

vulnerability | string | Format |

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.


Vulnerability in a system call in BSDI 3.0 and

Vulnerability | service | allows | denial | system | cause | users | local | BSDI | call |

Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions.


cachefsd in Solaris 2.6, 7, and 8 allows remote

attackers | cachefsd | service | Solaris | denial | allows | remote | cause |

cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.


The Microsoft Java implementation, as used in I

implementation | directory | determine | attackers | Microsoft | Explorer | Internet | process | current | allows | remote | Java | used | via |

The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.


SGI IRIX before 6.5.21 allows local users to ca

before | IRIX | SGI |

SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.


saned in sane-backends 1.0.7 and earlier does n

sane-backends | saned |

saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.


SQL injection vulnerability in the Call Detail

vulnerability | injection | Detail | Record | Call | SQL |

SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.


Integer overflow in the do_brk function for the

function | overflow | Integer | system | kernel | do_brk | Linux | call | brk |

Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.


The syssgi SGI_IOPROBE system call in IRIX 6.5.

SGI_IOPROBE | system | syssgi | IRIX | call |

The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.


The mapelf32exec function call in IRIX 6.5.20 t

mapelf32exec | function | IRIX | call |

The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."


FreeBSD 5.1 for the Alpha processor allows loca

processor | FreeBSD | service | denial | allows | cause | Alpha | local | users |

FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.


The mq_open system call in Linux kernel 2.6.9,

mq_open | kernel | system | Linux | call |

The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.


Apple Mac OS X 10.4.5 and allows local users to

Apple | Mac |

Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attackers to inject arbitrary web script or HTML via (1) a remote URL in the page parameter, which is processed by an fopen call, or (2) HTML or script in the page parameter, which is returned to the client in an error message for the failed fopen call.


PHP remote file inclusion vulnerability in incl

includes/configphp | vulnerability | WebCalendar | inclusion | remote | file | PHP |

PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a user_inc setting that is used in an include_once call.


Cross-site scripting (XSS) vulnerability in cal

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in call_entry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problem_desc parameter, as demonstrated by the ONLOAD attribute of a BODY element.


Multiple race conditions in certain system call

conditions | Software | Multiple | wrappers | Generic | Toolkit | certain | system | race | call |

Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.


The Grandstream SIP Phone GXV-3000 with firmwar

Grandstream | GXV-3000 | firmware | Phone | SIP |

The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.


Software vulnerabilities results 1 to 20 of 276     
Page: 12345...14