studios software vulnerabilities
vulnerabilities.aspcode.net
Searching studios software vulnerabilities
Cerulean Studios Trillian 0.73 and earlier use
Trillian
|
Cerulean
|
Studios
|
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.
ArtsCore Studios CuteCast Forum 1.2 stores pass
attackers
|
passwords
|
plaintext
|
ArtsCore
|
document
|
CuteCast
|
request
|
Studios
|
allows
|
obtain
|
stores
|
remote
|
Forum
|
under
|
which
|
file
|
user
|
HTTP
|
root
|
web
|
via
|
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
Buffer overflow in Stormy Studios Knet 1.04c an
arbitrary
|
attackers
|
possibly
|
overflow
|
service
|
execute
|
earlier
|
request
|
Studios
|
Stormy
|
Buffer
|
denial
|
remote
|
allows
|
cause
|
long
|
HTTP
|
Knet
|
104c
|
code
|
GET
|
via
|
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
Firefly Studios Stronghold 2 1.2 and earlier al
Stronghold
|
attackers
|
service
|
earlier
|
Firefly
|
Studios
|
denial
|
allows
|
remote
|
cause
|
Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters.
Cerulean Studios Trillian 3.0 allows remote att
attackers
|
Trillian
|
Cerulean
|
service
|
Studios
|
denial
|
allows
|
remote
|
cause
|
Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.
SQL injection vulnerability in detail.asp in Su
vulnerability
|
Superfreaker
|
attackers
|
arbitrary
|
parameter
|
injection
|
detailasp
|
commands
|
USupport
|
execute
|
Studios
|
allows
|
remote
|
SQL
|
via
|
SQL injection vulnerability in detail.asp in Superfreaker Studios USupport 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in detail.asp in Su
vulnerability
|
Superfreaker
|
attackers
|
arbitrary
|
parameter
|
injection
|
detailasp
|
commands
|
execute
|
Studios
|
UStore
|
allows
|
remote
|
SQL
|
via
|
SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
Multiple SQL injection vulnerabilities in Super
vulnerabilities
|
Superfreaker
|
unspecified
|
UPublisher
|
attackers
|
arbitrary
|
injection
|
commands
|
Multiple
|
Studios
|
execute
|
vectors
|
remote
|
allow
|
SQL
|
via
|
Multiple SQL injection vulnerabilities in Superfreaker Studios UPublisher 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (a) sendarticle.asp and (b) printarticle.asp, and the ID parameter to (c) index.asp and (d) preferences.asp, different vectors than CVE-2006-5888.
SQL injection vulnerability in Superfreaker Stu
vulnerability
|
Superfreaker
|
UPublisher
|
parameter
|
attackers
|
arbitrary
|
injection
|
commands
|
loginasp
|
Username
|
Studios
|
execute
|
allows
|
remote
|
SQL
|
via
|
SQL injection vulnerability in Superfreaker Studios UPublisher 1.0 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. NOTE: the provenance of this information is unknown; details are obtained from third party sources.
Heap-based buffer overflow in the Rendezvous /
Rendezvous
|
Extensible
|
Heap-based
|
Messaging
|
Presence
|
Protocol
|
overflow
|
buffer
|
Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.
Multiple heap-based buffer overflows in the IRC
heap-based
|
overflows
|
component
|
Cerulean
|
Trillian
|
Multiple
|
Studios
|
before
|
buffer
|
IRC
|
Pro
|
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.
Cerulean Studios Trillian Pro before 3.1.5.1 al
Trillian
|
Cerulean
|
Studios
|
before
|
Pro
|
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.
Heap-based buffer overflow in Cerulean Studios
Heap-based
|
Cerulean
|
Trillian
|
overflow
|
Studios
|
before
|
buffer
|
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
Buffer overflow in the AOL Instant Messenger (A
Messenger
|
overflow
|
Instant
|
Buffer
|
AOL
|
Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.
The AOL Instant Messenger (AIM) protocol handle
Messenger
|
Instant
|
AOL
|
The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Software vulnerabilities results 1 to 17 of 17
Page:
1