Corsaire Security Advisory - The PeopleSoft IScript interface accepts a number of arguments via HTTP POST/GET calls. Using a carefully constructed URL, Java code can be executed in a users context.
49c7d7dac2df8685c1ffa08b0ea2b20a702114b5f2b917806113e242380c3f43
Corsaire Security Advisory - The PeopleSoft Gateway Administration utility has a servlet that discloses its full path to the configuration files on the server when improper values are passed to it.
08f4265e6b6df73f2a516dc2004f39b7a6a8b4a9721fbac7e78d54b11bea003a
Microsoft Security Bulletin MS03-051 - This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system. The first vulnerability exists because of a buffer overrun in the remote debug functionality of FrontPage Server Extensions. The second vulnerability is a Denial of Service vulnerability that exists in the SmartHTML interpreter.
a64a5bca634bcd946c38df1abd14ced1ff623dc64459d7b7e57a6a36c3f219f5
Microsoft Security Bulletin MS03-050 - A security vulnerability exists in Microsoft Excel that could allow malicious code execution. This vulnerability exists because of the method Excel uses to check the spreadsheet before reading the macro instructions. If successfully exploited, an attacker could craft a malicious file that could bypass the macro security model. Another security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed.
2e65329c134cc1472436bf1dfa5a13a48429afbcc0aa286c1a69fd0eec83e2c5
Microsoft Security Bulletin MS03-049 - A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could gain System privileges on an affected system, or could cause the Workstation service to fail. An attacker could take any action on the system, including installing programs, viewing data, changing data, or deleting data, or creating new accounts with full privileges.
2ebf3e9a6635c0389c71cb5892f6c16f50e7ee7d9b2ac16950fd17ef4028aea8
Microsoft Security Bulletin MS03-048 - A cumulative update patch has been released for Internet Explorer that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.
dfc29d27adae94c6b106aaaf9545a35d4b5a7adc9870d2ce88bb70b85d0bef8c
NSFOCUS Security Advisory SA2003-07 - The HP-UX Software Distributor utilities are susceptible to a buffer overflow vulnerability when reading in the LANG variable since they do not perform any bounds checking on its size. Due to this, local attackers could gain root privileges.
fa7084e4341d66e2414719a1aa4874b255b2255729d312209d47cbdb4f8997bd
NSFOCUS Security Advisory SA2003-08 - Do to a lack of input validation on the NLSPATH variable, libc on HP-UX is susceptible to a format string vulnerability that will allow a local attacker to gain root privileges.
7763824063b03d4c3ebd80f0f6e25b25ad766c35105b7d94923ec0e3e6a15b2b
Fortigate firewall pre 2.50 maintenance release 4 allows a remote attacker to inject hostile code into an administrative interface. This vulnerability, used in conjunction with the fact that the username and MD5 hash of the user's password are stored in a cookie, allows a remote attacker to trick an administrator into giving up their credentials.
10520ea52ac2e94c5e4b69055bcaa957dce33e5e0594b94759fc3b4eefda58aa
Secure Network Operations Advisory SRT2003-11-11-1151 - Clam AntiVirus versions clamav-0.60 through clamav-0.60p are subject to format string attacks that allow a remote attacker to commit a denial of service and possibly perform remote command execution.
10ef4bf26c1ab47ad1a7b53bc21aae94a7fe570686b961eb6d52b4a3d73035fa
CERT Advisory CA-2003-28 - A specially crafted network message can trigger a buffer overflow in Microsoft's Workstation server. The vulnerability is caused by a flaw in the network management functions of the DCE/RPC service and a logging function implemented in Workstation Service (WKSSVC.DLL). Various RPC functions will permit the passing of long strings to the vsprintf() routine that is used to create log entries. The vsprintf() routine contains no bounds checking for parameters thus creating a buffer overflow situation.
979392a63ca9d86583ec3f6402dafeb1c0ea7237bc2af925d5f46a51e7c89a47
TerminatorX v3.8.1 contains several local root vulnerabilities including stack overflows and format string bugs. Includes the vulnerable code and solutions.
6896039ce102a933e00fff841c4b978321a4a345c95c62d0bcf97ed8888e020f
Secure Network Operations Advisory SRT2003-11-06-0710 - IBM DB2 UDB v7 through v8.1 contains multiple local security flaws including buffer overflows and format string bugs in db2start, db2stop, and db2govd. Fix available here.
024592d4a5147b75bed2225d6e629852eb1d72976b68b04a810ce561e313c67c
NGSSoftware Insight Security Research Advisory #NISR05112003 - Multiple Oracle Application Server SQL injection vulnerabilities exist for all OS platforms with Oracle 9i Application Server Release 1 and 2 and RDBMS.
c14bf67a31522701aa71637b6fe672b5b213d2b13fe5d981c029e99e1d4ae4cf
Secure Network Operations, Inc. Advisory SRT2003-11-02-0115 - The NIPRint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a buffer overflow that can allow a remote user to gain SYSTEM privileges. http://www.secnetops.com.
fb70af3656c58520746abf065985b71d5adb36f13e3adc0125088d0ea0640f8c
Secure Network Operations, Inc. Advisory SRT2003-11-02-0218 - The NIPrint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a vulnerability that allows a local user to escalate to SYSTEM privileges. http://www.secnetops.com.
fc2a664387e4787a695b2af87bd843a7baf71489667b12addea670ac90cb1175
OpenSSL Security Advisory 20031104 - A bug in OpenSSL 0.9.6 would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequences which would cause OpenSSL to crash. This could be performed for example by sending a client certificate to a SSL/TLS enabled server which is configured to accept them.
409756506e14f27eaed3fa2e17e064358dee057651432c52488fd3436c6babf8
isakmpd, OpenBSD's IKE daemon, contains severe flaws in payload handling that allow for the unauthorized deletion of IKE and IPsec SAs. It allows this due to a lack of encryption being applied in Quick Mode and a lack of validation for the origin of delete message payloads, among other issues.
3988c2d5ef9fcbecf1cf09989991d959569afb820df8646367b19b0ca3c9b78e
IA WebMail Server versions 3.1 and below from True North Software are vulnerable to a stack-based buffer overflow via its HTTP GET request header. This overflow can lead to a denial of service and remote code execution.
4ee7d2ce7cd21185e891a868872e9582aff0036983de46858eed8983a8b50341
Bugzilla Security Advisory - Five security related bugs have been discovered in this web-based bug tracking system. Two relate to SQL injection attacks via privileged user accounts. A third allows ex-members of a deleted group to get inserted into a new group if it is created reusing the same name. Two other issues allow extraction of bug information for any known email address and for a user to obtain descriptions for a product they do not have access to.
39b258a4c1f61e7a04f61190675f88517211c8525b062d55c9f258be69b46223
Ethereal Security Advisory Enpa-sa-00011 - The GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors in Ethereal 0.9.15 contain remotely exploitable vulnerabilities.
d7bc0fcca6c99026c224ae9aaece5efe0f4949c630b3354a6113560049da4a5f