php if imap mime header decode software vulnerabilities
vulnerabilities.aspcode.net
Searching php if imap mime header decode software vulnerabilities
Buffer overflow in w3-auth CGI program in miniS
arbitrary
|
attackers
|
commands
|
overflow
|
package
|
execute
|
w3-auth
|
request
|
miniSQL
|
program
|
Buffer
|
allows
|
remote
|
HTTP
|
CGI
|
via
|
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
Buffer overflow in Becky! Internet Mail client
Internet
|
overflow
|
Buffer
|
client
|
Becky
|
Mail
|
Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.
Buffer overflow in phf CGI program allows remot
specifying
|
arbitrary
|
attackers
|
arguments
|
including
|
commands
|
overflow
|
execute
|
program
|
number
|
allows
|
Buffer
|
header
|
remote
|
large
|
long
|
MIME
|
CGI
|
phf
|
Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, w
Cyrus
|
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
Opera 5.0 for Linux does not properly handle ma
attackers
|
malformed
|
properly
|
possibly
|
headers
|
service
|
allows
|
remote
|
denial
|
header
|
handle
|
Opera
|
Linux
|
whose
|
value
|
cause
|
which
|
name
|
same
|
MIME
|
does
|
HTTP
|
not
|
Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name.
Evolution 1.0.3 and 1.0.4 allows remote attacke
Evolution
|
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
The imap_header function in the IMAP functional
functionality
|
imap_header
|
function
|
before
|
IMAP
|
PHP
|
The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.
The handle_image function in mail-format.c for
mail-formatc
|
handle_image
|
Evolution
|
function
|
Ximian
|
Agent
|
User
|
Mail
|
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
The IMAP functionality in PHP before 4.3.1 allo
functionality
|
before
|
IMAP
|
PHP
|
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters.
Buffer overflow in the imap_fetch_overview func
imap_fetch_overview
|
functionality
|
function
|
overflow
|
Buffer
|
IMAP
|
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header.
Multiple buffer overflows in Gaim 0.75 allow re
overflows
|
Multiple
|
buffer
|
Gaim
|
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
Multiple stack-based buffer overflows in (1) th
stack-based
|
overflows
|
Multiple
|
buffer
|
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.
rfc1867.c in PHP before 5.0.2 allows local user
rfc1867c
|
before
|
PHP
|
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
Sophos Anti-Virus 3.78 allows remote attackers
Anti-Virus
|
Sophos
|
Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated.
Eval injection vulnerability in the decode func
rpc_decoderphp
|
vulnerability
|
attackers
|
arbitrary
|
injection
|
possibly
|
programs
|
function
|
execute
|
earlier
|
allows
|
remote
|
base64
|
decode
|
exoops
|
runcms
|
phpRPC
|
other
|
code
|
used
|
Eval
|
tag
|
PHP
|
via
|
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
Microsoft Exchange Server 2000 SP3, 2003 SP1 an
Microsoft
|
Exchange
|
Server
|
Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.
Unrestricted file upload vulnerability in userc
vulnerability
|
Unrestricted
|
usercpphp
|
MetaForum
|
upload
|
file
|
Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension such as .php.
Buffer overflow in the sqlite_decode_binary fun
sqlite_decode_binary
|
function
|
overflow
|
library
|
bundled
|
before
|
Buffer
|
sqlite
|
PHP
|
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
Asterisk Open Source 1.4.5 through 1.4.11, when
Asterisk
|
Source
|
Open
|
Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail.
PHP 5.2.4 and earlier allows context-dependent
PHP
|
PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.
Software vulnerabilities results 1 to 20 of 3385
Page:
1
2
3
4
5
...
170
►