Searching error software vulnerabilities

Error messages generated by gdm with the Verbos

VerboseAuth | generated | identify | attacker | messages | setting | system | allows | users | valid | Error | gdm |

Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.


Signedness error in (1) getsockopt and (2) sets

Signedness | error |

Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.


The Web Folder component for Internet Explorer

injecting | arbitrary | temporary | referring | attackers | component | location | Internet | Explorer | execute | message | remote | Folder | writes | allows | error | known | which | then | file | code | into | via | Web |

The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.


emumail.cgi in EMU Webmail 5.0 allows remote at

containing | expression | emumailcgi | determine | generates | malformed | resulting | attackers | includes | matching | pathname | message | Webmail | regular | allows | remote | string | script | error | which | full | EMU | via |

emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.


The ap_log_rerror function in Apache 2.0 throug

ap_log_rerror | function | through | Apache |

The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.


Buffer overflow in Windows Kernel allows local

privileges | debugger | messages | overflow | certain | Windows | causing | Kernel | Buffer | passed | allows | error | local | users | gain |

Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.


Integer signedness error in the cpufreq proc ha

signedness | cpufreq | handler | Integer | error | proc |

Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.


The Portable Network Graphics library (libpng)

Graphics | Portable | library | Network |

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.


The AIM dissector in Ethereal 0.10.3 allows rem

dissector | Ethereal | AIM |

The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or (2) error parameters, or (3) certain parameters in the error log.


error.php in Error Manager 2.1 for PHP-Nuke 6.0

information | sensitive | attackers | PHP-Nuke | errorphp | invalid | Manager | obtain | allows | remote | Error | via |

error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.


ASPRunner 2.4 allows remote attackers to gain s

information | attackers | sensitive | ASPRunner | allows | remote | gain | via |

ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages.


MercuryBoard 1.1.1 allows remote attackers to g

MercuryBoard |

MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message.


Stack-based buffer overflow in the error direct

Stack-based | directive | attackers | arbitrary | overflow | message | execute | earlier | picasm | buffer | allows | error | long | 112b | code | via |

Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message.


Format string vulnerability in the error-report

error-reporting | vulnerability | extension | feature | string | mysqli | Format | PHP |

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.


Multiple buffer overflows in BomberClone before

BomberClone | overflows | Multiple | before | buffer |

Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary code via long error messages.


Aztek Forum 4.0 allows remote attackers to obta

information | attackers | sensitive | parameter | passwords | injection | usernames | possibly | indexphp | message | reveals | remote | forced | allows | obtain | error | Forum | "*/*" | Aztek | which | MySQL | SQL | via | msg | due |

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.


Off-by-one error in the OID printing routine in

Off-by-one | printing | Ethereal | routine | error | 010x | OID |

Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.


OpenTTD 0.4.7 and earlier allows local users to

OpenTTD |

OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.


REMLAB Web Mech Designer 2.0.5 allows remote at

Designer | REMLAB | Mech | Web |

REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the full path of the script via an incorrect Tonnage parameter to calculate.php that triggers a divide-by-zero error, which leaks the path in an error message.


Software vulnerabilities results 1 to 20 of 1027     
Page: 12345...52