Searching multi page software vulnerabilities

Vulnerability in screen before 3.9.10, related

Vulnerability | before | screen |

Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.


Directory traversal vulnerability in Multi Rout

vulnerability | Directory | traversal | Traffic | Grapher | Router | Multi |

Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi.


Buffer overflow in Eudora 5.1.1 and 5.0-J for W

overflow | Eudora | Buffer |

Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.


mod_dav in Apache before 2.0.42 does not proper

mod_dav | before | Apache |

mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.


Multi-Tech ProxyServer products MTPSR1-100, MTP

administrative | MTPSR1-202ST | ProxyServer | MTPSR2-201 | MTPSR3-200 | privileges | Multi-Tech | MTPSR1-120 | MTPSR1-100 | attackers | password | products | Telnet | remote | allows | which | HTTP | gain | null | ship | via |

Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.


The mysqld_multi script in MySQL allows local u

mysqld_multi | overwrite | arbitrary | symlink | attack | script | allows | files | local | MySQL | users | via |

The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.


Multiple directory traversal vulnerabilities in

vulnerabilities | traversal | directory | Multiple | Borland | Server | Web |

Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.


Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, w

Cisco | 121T | IOS |

Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.


Race condition in libsafe 2.0.16 and earlier, w

condition | libsafe | Race |

Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.


Multi-Computer Control System (MCCS) 1.0 allows

Multi-Computer | Control | System |

Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet.


Exec in Linux kernel 2.6 does not properly clea

multi-threaded | posix-timers | environments | specified | resource | multiple | properly | results | service | number | denial | kernel | single | local | using | quota | cause | users | which | clear | Linux | allow | large | could | does | Exec | than | leak | user | more | not |

Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user.


Linux kernel before after 2.6.12 and before 2.6

before | kernel | after | Linux |

Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.


Buffer overflow in multiple Multi-Tech Systems

Multi-Tech | Initiation | MultiVOIP | attackers | arbitrary | firmware | Protocol | multiple | overflow | execute | devices | Systems | Session | INVITE | allows | before | Buffer | remote | field | code | long | via | x08 |

Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol (SIP) packet.


Unspecified vulnerability in the multi-language

multi-language | vulnerability | environment | Unspecified | library |

Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese locale, allows local users to gain privileges via unknown attack vectors.


Cisco IOS XR, when configured for Multi Protoco

configured | Switching | Protocol | Label | Cisco | Multi | IOS |

Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475.


Mercury Messenger, possibly 1.7.1.1 and other v

Messenger | possibly | Mercury |

Mercury Messenger, possibly 1.7.1.1 and other versions, when running on a multi-user Mac OS X platform, stores chat logs with world-readable permissions within the /Users directory, which allows local users to read the chat logs from other users.


index.php in w00t Gallery 1.4.0 allows remote a

indexphp | Gallery | w00t |

index.php in w00t Gallery 1.4.0 allows remote authenticated users with privileges for one installation to gain access to other installations on the same web server, aka "multi-gallery admin session spanning." NOTE: some of these details are obtained from third party information.


Directory traversal vulnerability in clamd in C

vulnerability | AntiVirus | Directory | traversal | ClamAV | before | clamd | Clam |

Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.


Buffer overflow in the On-Access Scanner in McA

user-assisted | containing | Enterprise | multi-byte | attackers | arbitrary | On-Access | VirusScan | overflow | filename | Scanner | execute | remote | before | McAfee | Buffer | allows | Patch | long | code | 80i | via |

Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.


Cross-site scripting (XSS) vulnerability in wp-

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field).


Software vulnerabilities results 1 to 20 of 695     
Page: 12345...35