o reilly software vulnerabilities
vulnerabilities.aspcode.net
Searching o reilly software vulnerabilities
dumpreg in Red Hat Linux 5.1 opens /dev/mem wit
/dev/mem
|
service
|
dumpreg
|
access
|
denial
|
allows
|
O_RDWR
|
local
|
users
|
cause
|
opens
|
which
|
Linux
|
Red
|
Hat
|
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
gcc 2.7.2 allows local users to overwrite arbit
gcc
|
gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.
Buffer overflow in sar for OpenServer 5.0.5 all
OpenServer
|
overflow
|
Buffer
|
sar
|
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
Multiple signedness errors (mixed signed and un
signedness
|
Multiple
|
errors
|
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
Cross-site scripting vulnerability in fom.cgi o
vulnerability
|
Faq-O-Matic
|
Cross-site
|
scripting
|
fomcgi
|
Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.
The AIM component of Trillian 0.73 and 0.74 all
component
|
Trillian
|
AIM
|
The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C".
Buffer overflow in Alsaplayer 0.99.71, when ins
Alsaplayer
|
overflow
|
Buffer
|
Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
The ioperm system call in Linux kernel 2.4.20 a
kernel
|
system
|
ioperm
|
Linux
|
call
|
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
Stack-based buffer overflow in shar in GNU shar
Stack-based
|
sharutils
|
overflow
|
buffer
|
shar
|
GNU
|
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.
Unknown vulnerability in Linux kernel 2.4.x, 2.
vulnerability
|
O_DIRECT
|
clients
|
service
|
Unknown
|
allows
|
denial
|
kernel
|
cause
|
Linux
|
via
|
26x
|
NFS
|
25x
|
24x
|
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
Buffer overflow in netpmon on AIX 5.1, 5.2, and
arbitrary
|
argument
|
overflow
|
execute
|
netpmon
|
Buffer
|
allows
|
local
|
users
|
long
|
code
|
AIX
|
via
|
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
npptnt2.sys in nProtect Gameguard provides unre
unrestricted
|
privileges
|
npptnt2sys
|
Gameguard
|
nProtect
|
provides
|
process
|
allows
|
local
|
users
|
calls
|
which
|
gain
|
I/O
|
any
|
npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges.
Integer signedness error in the parse_machfile
parse_machfile
|
signedness
|
function
|
Integer
|
loader
|
mach-o
|
error
|
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.
SQL injection vulnerability in okiraku.php in O
vulnerability
|
okirakuphp
|
attackers
|
arbitrary
|
injection
|
parameter
|
commands
|
O-Kiraku
|
execute
|
earlier
|
day_id
|
allows
|
remote
|
Nikki
|
SQL
|
via
|
SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the day_id parameter.
TellMe 1.2 and earlier, when the Server (o_Serv
earlier
|
Server
|
TellMe
|
TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) options are enabled, allows remote attackers to obtain sensitive information via an invalid q_Host parameter, which reveals the full pathname of the application in an fsockopen error message.
Abidia (1) O-Anywhere and (2) Abidia Wireless t
Abidia
|
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.
Cross-site scripting (XSS) vulnerability in ind
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers to inject arbitrary web script or HTML via the o parameter.
index.php in Nwom topsites 3.0 allows remote at
potentially
|
information
|
attackers
|
sensitive
|
topsites
|
indexphp
|
remote
|
allows
|
obtain
|
Nwom
|
via
|
index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error.
SQL injection vulnerability in index.php in Sup
vulnerability
|
SuperCali
|
injection
|
Calendar
|
indexphp
|
Event
|
SQL
|
PHP
|
SQL injection vulnerability in index.php in SuperCali PHP Event Calendar 0.4.0 allows remote attackers to execute arbitrary SQL commands via the o parameter.
Software vulnerabilities results 1 to 20 of 61
Page:
1
2
3
4
►