Searching toolkit software vulnerabilities

Format string vulnerability in x-gw in TIS Fire

vulnerability | Firewall | Toolkit | string | Format | x-gw | TIS |

Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard.


Multiple buffer overflows in XMLStarlet Command

XMLStarlet | overflows | Multiple | Toolkit | Command | buffer | Line | XML |

Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.


Format string vulnerability in xml_elem.c for X

vulnerability | XMLStarlet | xml_elemc | Command | Toolkit | string | Format | Line | XML |

Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.


GameSpy SDK CD-Key Validation Toolkit, as used

Validation | attackers | command | sending | spoofed | GameSpy | Toolkit | bypass | longer | server | \disc\ | CD-Key | online | remote | allows | which | tells | games | many | used | use | key | SDK |

GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use.


Unknown vulnerability in CPAINT Ajax Toolkit be

vulnerability | attackers | arbitrary | execute | Unknown | vectors | Toolkit | before | CPAINT | allows | files | 13-SP | read | code | Ajax | via | PHP | ASP |

Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors.


The SISCO OSI stack for Windows, as used by MMS

MMS-EASE | Windows | stack | SISCO | used | OSI |

The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.


Unspecified vulnerability in context.py in Alba

vulnerability | application | Unspecified | Albatross | contextpy | toolkit | before | web |

Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields".


Dave Nielsen and Patrick Breitenbach PayPal Web

Breitenbach | Services | Patrick | Nielsen | PayPal | Dave | Web |

Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.


SQL injection vulnerability in SPT--ForumTopics

SPT--ForumTopicsphp | vulnerability | injection | Toolkit | Portal | Scout | SQL |

SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.


Race condition in the grid-proxy-init tool in G

grid-proxy-init | condition | Toolkit | Globus | Race | tool | 40x | 32x |

Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before Tuesday, August 15, 2006 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.


Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 2

Toolkit | Globus | 40x | 32x |

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before Tuesday, August 15, 2006 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.


** DISPUTED ** PHP remote file inclusion vulne

Administration | vulnerability | inclusion | loaderphp | DISPUTED | Toolkit | System | remote | file | PHP |

** DISPUTED ** PHP remote file inclusion vulnerability in loader.php in PHP System Administration Toolkit (PHPSaTK) allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config] parameter. NOTE: this issue is disputed by CVE; analysis shows that the GLOBALS[config] variable is initialized before being used.


The SISCO OSI stack, as used in SISCO MMS-EASE,

applications | attackers | MMS-EASE | possibly | control | service | Toolkit | denial | system | remote | allows | SISCO | AX-S4 | stack | cause | other | ICCP | used | MMS | OSI |

The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets.


The GdkPixbufLoader function in GIMP ToolKit (G

GdkPixbufLoader | function | ToolKit | GIMP |

The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.


Buffer overflow in the cmd_usr function in ftp-

Firewall | function | Internet | overflow | Toolkit | cmd_usr | Buffer | ftp-gw | TIS |

Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows remote attackers to execute arbitrary code via a long destination hostname (dest).


Unspecified vulnerability in globus-job-manager

globus-job-manager | vulnerability | Unspecified | Toolkit | Globus |

Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications.


Buffer overflow in lib/silcclient/client_notify

lib/silcclient/client_notifyc | overflow | Toolkit | Client | Buffer | before | SILC |

Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications.


Multiple race conditions in certain system call

conditions | Software | Multiple | wrappers | Generic | Toolkit | certain | system | race | call |

Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.


Buffer overflow in the FileReadGIF function in

FileReadGIF | tkImgGIFc | function | overflow | Toolkit | Buffer |

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.


Software vulnerabilities results 1 to 20 of 25     
Page: 12