various software vulnerabilities
vulnerabilities.aspcode.net
Searching various software vulnerabilities
Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable.
runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.
Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization.
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.
LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.
KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php.
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php.
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers.
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity.
Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.
Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands.
mmgallery 1.55 allows remote attackers to obtain sensitive information via a direct request for thumbs.php, which reveals the installation path in various error messages.
Software vulnerabilities results 1 to 20 of 116