mm recordid software vulnerabilities
vulnerabilities.aspcode.net
Searching mm recordid software vulnerabilities
The do_fork function in Linux 2.4.x before 2.4.
function
|
do_fork
|
before
|
Linux
|
24x
|
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
account.asp in DUware DUclassmate 1.0 through 1
DUclassmate
|
MM_recordId
|
accountasp
|
arbitrary
|
passwords
|
parameter
|
modifying
|
attackers
|
Account"
|
through
|
DUware
|
allows
|
change
|
remote
|
users
|
page
|
"My
|
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems
information
|
mm/ioremapc
|
ioremap
|
service
|
perform
|
iounmap
|
certain
|
systems
|
allows
|
64-bit
|
memory
|
lookup
|
causes
|
denial
|
exist
|
cause
|
users
|
Linux
|
local
|
does
|
page
|
leak
|
not
|
x86
|
via
|
map
|
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
Integer overflow in the invalidate_inode_pages2
invalidate_inode_pages2_range
|
mm/truncatec
|
function
|
overflow
|
Integer
|
kernel
|
Linux
|
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
Unspecified vulnerability in Sun Solaris 9 and
vulnerability
|
Unspecified
|
privileges
|
platform
|
service
|
Solaris
|
denial
|
allows
|
local
|
cause
|
users
|
gain
|
Sun
|
x86
|
Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm driver.
perfmon (perfmon.c) in Linux kernel on IA64 arc
perfmon
|
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.
SQL injection vulnerability in functions.php in
vulnerability
|
functionsphp
|
arbitrary
|
attackers
|
injection
|
commands
|
execute
|
remote
|
allows
|
Diary
|
Teca
|
via
|
SQL
|
SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters.
Multiple SQL injection vulnerabilities in ample
vulnerabilities
|
ampleShop
|
attackers
|
arbitrary
|
injection
|
Multiple
|
commands
|
execute
|
earlier
|
remote
|
allow
|
via
|
SQL
|
Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) RecordID parameter in (a) Customeraddresses_RecordAction.cfm and (b) youraccount.cfm; (2) solus parameter in (c) detail.cfm; and (3) cat parameter in (d) category.cfm.
myprofile.asp in Enthrallweb eNews does not pro
authenticated
|
myprofileasp
|
MM_recordId
|
Enthrallweb
|
specifying
|
parameter
|
account's
|
modified
|
username
|
validate
|
properly
|
account
|
another
|
certain
|
updates
|
profile
|
during
|
fields
|
remote
|
allows
|
modify
|
eNews
|
which
|
users
|
does
|
not
|
myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
myprofile.asp in Enthrallweb eClassifieds does
authenticated
|
eClassifieds
|
myprofileasp
|
MM_recordId
|
Enthrallweb
|
specifying
|
parameter
|
account's
|
properly
|
username
|
modified
|
validate
|
account
|
another
|
certain
|
updates
|
profile
|
remote
|
during
|
fields
|
modify
|
allows
|
which
|
users
|
does
|
not
|
myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
Unclassified NewsBoard 1.6.3 stores sensitive i
Unclassified
|
NewsBoard
|
Unclassified NewsBoard 1.6.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain (1) the board log via a direct request for logs/board-YYYY-MM-DD.log, (2) the mail and private message (PM) log via a direct request for logs/email-YY-MM-DD-HH-MM-SS.log, (3) the SQL error message log via a direct request for logs/error-YY-MM.log, and (4) the IP log via a direct request for logs/ip.log.
Integer signedness error in the _zend_mm_alloc_
_zend_mm_alloc_int
|
signedness
|
function
|
Manager
|
Integer
|
Memory
|
error
|
Zend
|
PHP
|
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.
mm/mmap.c in the hugetlb kernel, when run on Po
expansion
|
entering
|
reserved
|
mm/mmapc
|
hugetlb
|
prevent
|
service
|
PowerPC
|
systems
|
allows
|
memory
|
denial
|
kernel
|
cause
|
which
|
users
|
stack
|
local
|
does
|
into
|
page
|
run
|
not
|
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
Software vulnerabilities results 1 to 14 of 14
Page:
1