Searching overwrites software vulnerabilities

register.cgi in Ikonboard 2.1.7b and earlier al

registercgi | references | overwrites | attackers | Ikonboard | arbitrary | SEND_MAIL | parameter | executed | variable | internal | commands | execute | program | earlier | allows | remote | which | 217b | via |

register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed.


decrypt_msg for the Gaim-Encryption GAIM plugin

Gaim-Encryption | decrypt_msg | plugin | GAIM |

decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.


WFTPD Pro Server 3.21 Release 1, with the Xerox

Server | WFTPD | Pro |

WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error.


Buffer overflow in qwik-smtpd allows remote att

qwik-smtpd | overwrites | attackers | adjacent | overflow | localIP | command | allows | Buffer | server | remote | which | relay | data | SMTP | spam | HELO | long | use | via |

Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer.


Firefox before 1.0.1 and Mozilla before 1.7.6 a

Firefox | before |

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.


Multiple directory traversal vulnerabilities in

vulnerabilities | phpgroupware | phpSysInfo | directory | traversal | Multiple | indexphp | earlier | used |

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.


PHP remote file inclusion vulnerability in cale

$path_to_calendar | path_to_calendar | vulnerability | calendarphp | SoftComplex | overwrites | attackers | arbitrary | parameter | inclusion | function | variable | Calendar | extract | execute | allows | remote | which | Event | call | file | code | via | PHP | URL |

PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_calendar parameter, which overwrites the $path_to_calendar variable from an extract function call.


Adobe Reader and Acrobat 7.0.8 and earlier allo

Acrobat | Reader | Adobe |

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.


viksoe GMail Drive shell extension allows remot

demonstrated | filesystem | extension | attackers | messages | subject | virtual | actions | certain | perform | e-mail | viksoe | allows | remote | GMail | lines | shell | Drive | via |

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by (1) a GMAILFS: [13;a;1] message with a new filename and a file attachment, which injects a new file into the filesystem; (2) a GMAILFS: [13;a;1] message with an existing filename and a file attachment, which overwrites existing file content; and (3) a GMAILFS: [14;a;1] message, which creates a folder.


The js_dtoa function in Mozilla Firefox 2.x bef

function | Firefox | Mozilla | js_dtoa | before |

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.


The Perforce client does not restrict the set o

overwrites | arbitrary | overwrite | attackers | receiving | modifying | operating | malicious | restrict | Perforce | request | remote | config | allows | server | client | files | which | file | does | upon | set | not |

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server.


Microsoft Windows XP and Vista overwrites ARP t

gratuitous | overwrites | Microsoft | attackers | included | Windows | entries | service | remote | denial | allows | cause | table | which | Vista | ARP |

Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host.


Variable extraction vulnerability in grab_globa

grab_globalsphp | vulnerability | extraction | Variable | Dynamic | Portal | System | Net |

Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.


PHP 4 before 4.4.5, and PHP 5 before 5.2.1, whe

before | PHP |

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with "_SESSION|s:39:".


The tblinf32.dll (aka vstlbinf.dll) ActiveX con

tblinf32dll |

The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability."


** DISPUTED ** Cross-domain vulnerability in M

documentdomain | vulnerability | Cross-domain | information | statically | overwrites | restricted | JavaScript | attackers | Microsoft | attribute | Internet | DISPUTED | variable | document | Explorer | domains | bypass | Origin | allows | remote | access | Policy | other | sets | Same | via |

** DISPUTED ** Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute. NOTE: this issue has been disputed by other researchers, citing a variable scoping issue and information about the semantics of document.domain.


Cross-domain vulnerability in Apple Safari for

vulnerability | Cross-domain | Windows | Safari | Apple |

Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass the "same origin policy" and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute.


Cross-domain vulnerability in Apple Safari for

vulnerability | Cross-domain | Windows | Safari | Apple |

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482.


The IM Server (aka IMserve or IMserver) 2.0.5.3

Server |

The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions.


Buffer overflow in NET$CSMACD.EXE in HP OpenVMS

NET$CSMACDEXE | overflow | earlier | OpenVMS | service | denial | allows | Buffer | cause | local | users |

Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet.


Software vulnerabilities results 1 to 20 of 23     
Page: 12