rxvt unicode software vulnerabilities
vulnerabilities.aspcode.net
Searching rxvt unicode software vulnerabilities
rxvt, when compiled with the PRINT_PIPE option
-print-pipe
|
PRINT_PIPE
|
specifying
|
privileges
|
including
|
Slackware
|
malicious
|
operating
|
parameter
|
compiled
|
various
|
program
|
command
|
systems
|
option
|
allows
|
RedHat
|
using
|
local
|
Linux
|
users
|
line
|
rxvt
|
gain
|
root
|
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
screen and rxvt in Red Hat Linux 6.0 do not pro
properly
|
devices
|
screen
|
allows
|
which
|
write
|
other
|
local
|
users
|
Linux
|
modes
|
rxvt
|
ttys
|
Red
|
Hat
|
set
|
not
|
tty
|
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
xterm, Eterm, and rxvt allow an attacker to cau
characters
|
embedding
|
attacker
|
service
|
resized
|
certain
|
escape
|
window
|
denial
|
which
|
force
|
xterm
|
allow
|
cause
|
Eterm
|
rxvt
|
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.
Aladdin eSafe Gateway versions 3.0 and earlier
circumvent
|
filtering
|
attacker
|
document
|
encoding
|
versions
|
Aladdin
|
Gateway
|
UNICODE
|
earlier
|
within
|
remote
|
allows
|
SCRIPT
|
eSafe
|
tags
|
HTML
|
via
|
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
Microsoft IIS 4.0 and before, when installed on
partition
|
installed
|
Microsoft
|
attacker
|
encoded
|
Unicode
|
obtain
|
source
|
allows
|
before
|
remote
|
files
|
code
|
URL
|
FAT
|
IIS
|
ASP
|
via
|
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.
Buffer overflow in tt_printf function of rxvt 2
tt_printf
|
function
|
overflow
|
Buffer
|
rxvt
|
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.
Netegrity SiteMinder 3.6 through 4.5.1 allows r
SiteMinder
|
Netegrity
|
through
|
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters.
Macromedia JRun 3.0, 3.1, and 4.0 allow remote
Macromedia
|
attackers
|
character
|
encoded
|
Unicode
|
source
|
remote
|
values
|
files
|
allow
|
view
|
JRun
|
code
|
URL
|
via
|
JSP
|
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL.
The HTTP proxy for Symantec Enterprise Firewall
Enterprise
|
Firewall
|
Symantec
|
proxy
|
HTTP
|
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
HP OpenView Select Access 5.0 through 6.0 does
restrictions
|
characters
|
correctly
|
attackers
|
OpenView
|
encoded
|
unicode
|
through
|
Access
|
remote
|
decode
|
Select
|
bypass
|
allow
|
could
|
UTF-8
|
which
|
does
|
URL
|
not
|
HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.
Buffer overflow in command.C for rxvt-unicode b
rxvt-unicode
|
containing
|
arbitrary
|
sequences
|
attackers
|
commandC
|
overflow
|
crafted
|
execute
|
allows
|
before
|
escape
|
remote
|
Buffer
|
long
|
code
|
file
|
via
|
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences.
The SMTP service in MailEnable Enterprise 1.04
MailEnable
|
Enterprise
|
service
|
SMTP
|
The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Firefox before 1.0.7 and Mozilla Suite before 1
Firefox
|
before
|
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
Buffer overflow vulnerability in the unicode_to
unicode_to_bytes
|
vulnerability
|
Location
|
Protocol
|
overflow
|
Service
|
Buffer
|
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
estcmd in Hyper Estraier 1.0.1 on Windows syste
Estraier
|
estcmd
|
Hyper
|
estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters.
rxvt-unicode before 6.3, on certain platforms t
rxvt-unicode
|
permissions
|
platforms
|
non-Unix
|
intended
|
maintain
|
devices
|
certain
|
openpty
|
allows
|
before
|
access
|
which
|
write
|
Linux
|
users
|
local
|
read
|
gain
|
such
|
most
|
does
|
use
|
pty
|
tty
|
not
|
BSD
|
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.
Buffer overflow in SecureCRT 5.0.4 and earlier
SecureCRT
|
overflow
|
Buffer
|
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
Buffer overflow in ArgoSoft FTP Server 1.4.3.6
ArgoSoft
|
overflow
|
Server
|
Buffer
|
FTP
|
Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer.
Software vulnerabilities results 1 to 20 of 53
Page:
1
2
3
►