A flaw exists in Microsoft Internet Explorer 5.x-6.0 that allows a remote attacker to execute a file using chm in showHelp().
74dacbfe84a67a971cd82b2d9a84831f67dbb9786abc754990bc01ccd23a36b1
The Landesk Management Suite versions 8.0 and below suffer from a buffer overflow in their SetClientAddress function inside of YAUTO.DLL.
5a625063a7cfb000b398dba689f5dbde9099a3be80474bd16b2c97f3b3361e10
Opera versions 7.22 and below allow for a remote site to overwrite local files during temporary file creation due to a lack of sanitizing filenames.
60c29d87a6f9de9b85286c7f945db2574fa8ee1f7e1c33632321555b1477c9ea
osCommerce versions 2.2-MS1 and 2.2-MS2 allow a remote attacker to send a malformed URI that places an unremovable item in the user's shopping cart, a denial of service that can effectively deny the user legitimate access to their account. These releases are also subject to SQL injection attacks and cross-site scripting problems.
4c4f31e91ddc721a290c33f3497928cb959707eed54691809a10b531978ae64e
Xerox Document Centre 470, 255ST, and possibly others allow for remote unauthorized access to files, access to plaintext passwords for the HTTP administration interface, access to DES passwords for the operating system, and read-write access to HTTP users and passwords.
026b93d3219efe238d3210af33b8dafe109314334e03c1bb222b23d44131e548
Weak encryption in the client for the game Dark Age of Camelot exposes customer billing and authentication information during transmission.
6d944e3dc153c45f1774d46011fc92c063d2ad92d85abf77cd1c805dfeb68133
Two buffer overflows exist in lftp versions 2.3 to 2.6.9. When using the ls and rels commands during an HTTP/HTTPS connection, an attacker has the opportunity to exploit a sscanf() call in try_netscape_proxy() and try_squid_eplf().
763cfb7b83021a88fea152144b0becd3ae188d5febab74fae428d2aa26a62665
Eznet v3.5.0 and below contains a stack overflow in eZnet.exe which can be exploited in a GET request to SwEzModule.dll.
f6257c897987cc1e3d11a346e0c9313375ab796a397fcf72b2e85cc15cd1b584
Opera for Windows v7.x prior to v7.23 build 3227 contains a file overwrite vulnerability which allows remote downloads to overwrite any file on the filesystem.
f4080a105f0722ecfb13159fccbb24fb407efafa0251c74c77d7beb48149e744
Core Security Technologies Advisory CORE-2003-12-05 - New attack vectors were found for the Workstation Service vulnerability discussed in MS03-049 and the Messenger service vulnerabilities in MS03-001, MS03-026 and MS03-043. It was found that the attacks can be directed at UDP ports from spoofed source IPs, at the UDP broadcast addresses, or to ports above 1024, bypassing many firewalls by setting the source port to 53 and spoofing the packet from a trusted DNS server.
44529d93a00bb88bb168c0c51d37842dbc5cf391d901a6518dd8e0c2baf882ee
Sybase Adaptive Server Anywhere v9.0.0, the relational database at the core of SQL Anywhere Studio 8, contains over 50 vulnerabilities including format string overflows, buffer overflows, and denial of service conditions. Fix available here.
85b020d178f9754cbb630b420899e0a35ec15ff5fd3c3ba755e03d19390d2f14
Secure Network Operations Advisory SRT2003-12-04-0723 - Ebola, the AntiVirus scanning daemon system, versions 0.1.4 and below, contains a remotely exploitable buffer overflow in its authentication sequence.
ab8ac4be2a73ff8565230c696bef71988ee754456506e8ac690fced1879fa5eb
Sending a blank GET request to a Linksys WRT54G v1.0 (firmware v 1.42.3) router results in a denial of service.
986a4c9134cb217705aa68dacd125d9dff813dac0af519f895c98449cde6ce59
Websense Enterprise versions 4.3.0 to 5.1 are susceptible to a cross-site scripting attack where an end user may be tricked into running malicious code in their trusted zone.
6e69678fcb36ec02588ee2c42ee95597361b4f16a38bd7afc185b5f0ad3d4b42
Yahoo Instant Messenger versions 5.6.0.1347 and below are susceptible to a buffer overflow attack in the YAUTO.DLL file when a long URL is passed to the Open(String Url) function.
5d7b42348c6d1f81129057e67e3bb4a60281eb97d1d5a6558791d635b6257c57
The pxboard executable in XBoard versions 4.2.6 and below creates and writes to a file with a predictable filename in the /tmp directory.
273fdbcba2883e7c9dd1149352709a9f8d46252e9ea39b799308b8eb63cb590d
Gentoo Linux Security Announcement 200312-01 - On December 2nd, the rsync.gentoo.org server was compromised via a heap overflow in the rsync 2.56 server implementation.
db69bcc79065d6bee04297b0bb9b90c91db819197c09304db31a87f2671a117e
Detailed information on the local root vulnerability in the do_brk() kernel function in Linux kernel v2.4 prior to v2.4.23. Kernels 2.4.20-18.9, 2.4.22 (vanilla), and 2.4.22 with grsecurity patch are confirmed vulnerable.
43a76479ec2e92c678e1e79c86fa11a5609b490ba6e29b4d220c64300a875126
Linux v2.4.x below v2.4.23 was found to contain a local root vulnerability when multiple servers of the Debian project were compromised using a new kernel exploit. Due to an integer overflow in the do_brk() system call, it is possible for local users to gain root access. Users of kernel v2.4.22 and below should upgrade.
6b7bf49bb900c4191213c7198954faf0787e580c8572403926b9a31da91795b0