Searching run time software vulnerabilities

Buffer overflow in run-time linkers (1) ld.so o

run-time | overflow | linkers | Buffer |

Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.


Various modems that do not implement a guard ti

configured | implement | attackers | arbitrary | sequence | commands | appears | execute | packets | subject | Various | message | modems | others | remote | e-mail | "+++" | guard | allow | modem | ICMP | such | time | ATH0 | can | IRC | via | ATH | etc | not |

Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others.


Buffer overflow in Computalynx CMail POP3 mail

Computalynx | overflow | server | Buffer | CMail | mail | POP3 |

Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command.


keyinit in S/Key does not require authenticatio

authentication | initialize | privileges | activities | passwords | password | attacker | sequence | one-time | keyinit | account | require | gained | create | allows | which | S/Key | other | does | user | such | sudo | may | has | not | use | new |

keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.


run-mailcap in mime-support 3.22 and earlier al

mime-support | run-mailcap |

run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.


Integer overflow in the NTP daemon (NTPd) befor

overflow | Integer | daemon | NTP |

Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.


The xntpd ntp (ntpd) daemon before 4.2.0b, when

xntpd | ntp |

The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.


Direct code injection vulnerability in Task Man

vulnerability | injection | Invision | Manager | Direct | Board | Power | code | Task |

Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now".


Advantage Century Telecommunication (ACT) P202S

Telecommunication | Advantage | Century |

Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks.


Race condition in articles/BitArticle.php in Bi

articles/BitArticlephp | temp/articles | extensions | attackers | extension | uploading | arbitrary | directory | Bitweaver | condition | mod_mime | webroot | execute | double | stored | period | allows | remote | Apache | under | small | files | which | code | Race | time | run | PHP |

Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.


The Client-Server Run-time Subsystem in Microso

Client-Server | Microsoft | Subsystem | Run-time | Windows | Server | SP2 |

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."


PunBB uses a predictable cookie_seed value that

registration | cookie_seed | predictable | superadmin | account | derived | PunBB | value | uses | time | can |

PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time), which might allow local users to perform unauthorized actions.


Acer Notebook LunchApp.APlunch ActiveX control

LunchAppAPlunch | attackers | arbitrary | Notebook | commands | execute | ActiveX | control | calling | method | allows | remote | Acer | Run |

Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.


The Client Server Run-Time Subsystem (CSRSS) in

Subsystem | Run-Time | Client | Server |

The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696.


Apache Derby before 10.2.1.6 does not determine

before | Apache | Derby |

Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.


Use-after-free vulnerability in the Client/Serv

Use-after-free | Client/Server | vulnerability | Subsystem | Run-time |

Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure.


OpenSSH, when using OPIE (One-Time Passwords in

OpenSSH | using | OPIE |

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.


The Pascal run-time library (PAS$RTL.EXE) befor

run-time | library | Pascal |

The Pascal run-time library (PAS$RTL.EXE) before Wednesday, April 18, 2007 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before Thursday, April 19, 2007 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code.


NuFW 2.2.3, and certain other versions after 2.

NuFW |

NuFW 2.2.3, and certain other versions after 2.0, allows remote attackers to bypass time-based packet filtering rules via certain "out of period" choices of packet transmission time.


The WebService (XML-RPC) interface in Bugzilla

WebService |

The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 does not enforce permissions for the time-tracking fields of bugs, which allows remote attackers to obtain sensitive information via certain XML-RPC requests, as demonstrated by the (1) Deadline and (2) Estimated Time fields.


Software vulnerabilities results 1 to 20 of 226     
Page: 12345...12