PHP-Nuke versions 6.x through 7.2 have a flaw that allows for administrator level authentication bypass.
e506b19ed8619a63fd70561c25235584398ff9dd2637205db300cc42e775de9e
PHP-Nuke versions 6.x through 7.2 have a flaw that allows for user level authentication bypass.
24b939d8a82382eed2da1caaffa8502f8d77754e47102fee8be0407d1a625590
Adobe Acrobat versions 4 and 5 suffer from a denial of service vulnerability when too much memory gets allocated during file repair.
ae5c07d771e63edb6f99d8fc14af107117cc067035f53d32dc45b613cd6612c0
Microsoft Outlook Express 6.0 crashes when it attempts to open an EML file that contains a Sender: tag but does not have a From: tag.
401226492dbcf372ba53324b71129d1a0638c59da040c0b64633814b86ffc654
Microsoft Internet Explorer versions 5.0 to 6.0 allocate memory for BMP files without verifying their actual size, allowing memory resources to be easily exhausted, resulting in a denial of service.
f138ac5cd2b69cba2ae88677e76ed4919082f5997dbe7d2c5d44f770f1d4c6df
RSniff, the packet sniffer for Linux, is susceptible to a denial of service attack.
63e855d919cd019e79d1bb3e8434abfd0ecbdb2f5a5c18f5366896725207f863
Gentoo Linux Security Advisory GLSA 200404-12 - Scorched 3D (build 36.2 and before) does not properly check the text entered in the Chat box (T key). Using format string characters, you can generate a heap overflow. This and several other unchecked buffers have been corrected in the build 37 release.
7cc0f27c7cfcf31aba5925849d764bba47c7530c06c0e539c47af1455f98b1a1
Gentoo Linux Security Advisory GLSA 200404-11 - Multiple vulnerabilities have been found in the implementation of the H.323 protocol contained in pwlib. Most of the vulnerabilities are in the parsing of ASN.1 elements, which would allow an attacker to use a maliciously crafted ASN.1 element to cause unpredictable behavior in pwlib. Versions affected are 1.5.2-r2 and below.
658918b474c937ad91678732957c057690adb54ec7abe93ce910c34aef5c29d9
Crackalaka version 1.0.8 is susceptible to a denial of service attack when it attempts to manage an unallocated sector of memory.
9dde802d0a2e809557045796e6a9e20512b83f9e5adb65b97c9b9917b77689ab
CERT Advisory TA04-099A - A cross-domain scripting vulnerability in Microsoft Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE. The attacker could also read and manipulate data on web sites in other domains or zones.
45b5d0160e0525654903fd7af4653ab79ae3fdd6b7c8b72ed954e36b0b24feba
Priv8 Security Research Advisory #2004-002 - Versions 0.4.1 and below of LCDproc are vulnerable to multiple bugs that allow for arbitrary code execution.
82092cf612491eeb7dec6e405e05b133230a3034908b558a3d4ebed584972c09
Priv8 Security Research Advisory #2004-001 - All versions of LCDproc are vulnerable to a remotely exploitable buffer overflow that allows attackers to execute arbitrary code. The problem appears in the parse_all_client_messages() function of parse.c, where a loop does not check whether MAXARGUMENTS has been reached, causing the program to crash when lots of arguments are passed to the function.
e6a3e47f9d3eb96f5fee396fb74b7e9a707654dae6aef17892ce43f2ff5ebf5c
InAccess Networks Security Advisory - A heap overflow vulnerability exists in Oracle 9iAS / 10g Application Server Web Cache that allows for arbitrary code execution.
4e378c70e2ef00bc393079279435003c09bf5895c7e3812c496bd01f0d2d04f9
Cisco Security Advisory 2004040 - A default username/password pair is present in all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software. A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround.
6a4be975d4201d649a7ffdf291e7929eaa6006a691c79fbabe79b61b888e910c
Internet Explorer 6 crashes when locally loading a page with a question mark in a SRC directive for an IFRAME.
db2729d2820dc69b04e1f7015ef4323602c2ea205588357e058d3c20a4af25c9
Cisco Security Advisory 20040408 - A malformed Internet Key Exchange (IKE) packet may cause the Cisco Catalyst 6500 Series Switch or the Cisco 7600 Series Internet Router hardware, with the VPNSM installed, to crash and reload.
0269ce725ef4e8d6cc8fa7275e00ab62e517f10e46ed46a4537532bfe38d0df9
AzDGDatingLite version 2.1.1 is susceptible to cross-site scripting attacks.
e325332f1004ce749d1d099b4a55c1d8ed2f024bc85f8b126169bb5fcd844b80
A vulnerability exists in eMule version 0.42d in the DecodeBase16() function.
d3e30ff715989d9e92860890797d21f465cf17dc44a3a328f0318d8843836dbd
Further information regarding McAfee FreeScan vulnerabilities that lead to information disclosure.
0c933e94553d043a1ade2fa60200bacdbf752c331eeb9bcde070e7b8bcf06438
The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allowing man-in-the-middle attacks and unauthorized connections.
71543886817095206418704efa10659ef5beea8a3d20927b8bb9d160165178e0
Kerio Personal Firewall version 4.0.13 is susceptible to a remote crash when using the web filter functionality.
aa32e7e541c23dcecb86d058506f76e1a1c434d554050792b523589586bd9cbb
NGSSoftware Insight Security Research Advisory #NISR17042004 - By crafting a malformed .R3T file it is possible to cause a stack-based overrun in RealPlayer / RealOne Player. By forcing a browser to a website containing such a file, code could be executed on the target machine running in the context of the logged-on user; alternatively, the end user would be required to open the .R3T file as a mail attachment. Systems Affected: RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, stand-alone and as configured by the RealPlayer Enterprise Manager).
6d743136e2278e3913a2b15ed69ed2788f1f4b991aaed8aef0dce1951f4208cf
Symantec Virus Detection is susceptible to a buffer overflow.
31a857797e3983ace0f26dc8e18ec9b0bc7e387b4858a2de50c91d2630b74419
McAfee FreeScan is susceptible to buffer overflow and private information disclosure attacks.
965b844a3cdf53e9218191c6a7f6de76daa2d357f51cad2f8a2e1a8cd4df2ca2
Panda ActiveScan version 5.0 has a buffer overflow that allows for arbitrary code execution with SYSTEM level privileges.
bb4d99560509598cb4f1c03ef93898aab049201920dcb2e36a4f8e75db55b32f