terminating software vulnerabilities
vulnerabilities.aspcode.net
Searching terminating software vulnerabilities
CGIScript.net csNews.cgi allows remote authenti
metacharacters
|
authenticated
|
CGIScriptnet
|
terminating
|
capability
|
Settings"
|
"Advanced
|
arbitrary
|
csNewscgi
|
execute
|
quotes
|
fields
|
remote
|
allows
|
users
|
code
|
Perl
|
text
|
via
|
CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.
eo420_GetStringFromVarPart in veo420.c for SAP
eo420_GetStringFromVarPart
|
database
|
veo420c
|
server
|
SAP
|
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow.
Multiple buffer overflows in Gaim 0.75 allow re
overflows
|
Multiple
|
buffer
|
Gaim
|
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
Cross-site scripting (XSS) vulnerability in Sna
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character.
The buffer overflow trigger in Cisco Security A
overflow
|
Security
|
trigger
|
buffer
|
Agent
|
Cisco
|
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
Buffer overflow in the IMAP service of MailEnab
Professional
|
MailEnable
|
overflow
|
Edition
|
service
|
Buffer
|
IMAP
|
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
PHP file include vulnerability in download.php
vulnerability
|
PHPSimplicity
|
downloadphp
|
Simplicity
|
include
|
Upload
|
before
|
file
|
PHP
|
PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters.
The thread termination routine in the kernel fo
termination
|
Windows
|
routine
|
thread
|
kernel
|
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
Multiple off-by-one errors in the cURL library
off-by-one
|
Multiple
|
library
|
errors
|
cURL
|
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.
IBM DB2 Universal Database (UDB) 820 before ESE
Universal
|
Database
|
IBM
|
DB2
|
IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared.
ASP.NET in Microsoft .NET Framework 2.0 SP2 and
Framework
|
Microsoft
|
earlier
|
Windows
|
ASPNET
|
NET
|
SP2
|
ASP.NET in Microsoft .NET Framework 2.0 SP2 and earlier for Windows 2000, XP, and Server 2003; and 2.0 and earlier for Windows Vista allows remote attackers to access configuration files and obtain sensitive information via "invalid URLs," probably containing a terminating NULL byte.
The wininet.dll FTP client code in Microsoft In
wininetdll
|
Microsoft
|
Internet
|
Explorer
|
client
|
code
|
FTP
|
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
Off-by-one error in the fsp_readdir_r function
fsp_readdir_r
|
terminating
|
MAXNAMELEN
|
Off-by-one
|
directory
|
attackers
|
function
|
prevents
|
exactly
|
service
|
fsplibc
|
length
|
before
|
fsplib
|
allows
|
remote
|
denial
|
cause
|
being
|
error
|
which
|
entry
|
whose
|
added
|
byte
|
null
|
via
|
Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added.
Software vulnerabilities results 1 to 14 of 14
Page:
1