A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists within the processing of an improperly defined "coffFiles" field in .CAB archives. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow.
37bf82225077227a302cfe57152987b0ad97b5ced6a8ed790909c5e9335b823dA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.
9f08822728173c4c5a28f3becaa2ab42e6f934a8a24ce21f45393797c488afb6Symantec Security Advisory - Files created by a Reporting Server may be accessible to an unauthorized user.
589ba56f401be09e9a8f35071b6a6e3ccaf8fdb6e6a9237a688e8a8e046e7299Symantec Security Advisory - The administrator password for Symantec Reporting Server could be disclosed after a failed login attempt.
ee77f7cdeef720baf2f34f6ca5e2f869208de7deaa1e3db8a9edeaaf1ba02b62K-letter version 1.0 suffers from a remote file inclusion vulnerability.
150bc80a4bf3249f2ee562115eea4623122626aa86ac4a3e098ed1aad6d55af7Madirish Webmail version 2.0 suffers from a remote file inclusion vulnerability.
f74181ebd7f79da849299ffbde20518867743f25fec9eea99e1dfd67343011c8EQdkp versions 1.3.2 and below remote SQL injection exploit that makes use of listmembers.php.
0dcf996585512a79b0b1956efd735cbc38a0932e33995acec9a3f43cdb26d11aSendcard versions 3.4.1 and below local file inclusion exploit that allows for remote code execution.
e78297aaa36318d5b225f7f41ddff52fa60395bdbb596e798b8922485ac562c7Gentoo Linux Security Advisory GLSA 200706-01 - Victor Stinner reported an integer overflow in the exif_data_load_data_entry() function from file exif-data.c while handling Exif data. Versions less than 0.6.15 are affected.
93c756b460c5bfa2e87100f1927d6e0679f1f7c01341d7f461964af794e249bdHP Security Bulletin - Potential vulnerabilities have been identified with HP-UX running CIFS Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code.
ad6a1b5d098b8eecd63cfedf8a874e5b4d3cc46528fe36eb85934ab4e10e0e8bComicsense suffers from a SQL injection vulnerability in index.php.
c4e2632a88978ae5c1a1a45a6a53ddbcc3c16fdc7b599cdf67308bb9e9ab93e2untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
cb9f89dfdf1cce6e76b2946659b685492339efaff809146b7d036304fed2def0Mandriva Linux Security Advisory - A vulnerability in the OLE2 parser in ClamAV was found that could allow a remote attacker to cause a denial of service via resource consumption with a carefully crafted OLE2 file.
5ba370f181042d0adb97ed232168b215ac814841206182bf098ee13767b83219A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Centennial Software XferWan. Authentication is not required to exploit this vulnerability. The specific flaw exists during the parsing of overly long requests to the XferWAN process. When logging requests, user-supplied data is copied to the stack resulting in an exploitable buffer overflow condition.
f4d076517c9d4a4a593a8dfb89136ce5a9d6ebd7819ce5197210307b4def4b97A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Business Objects Crystal Reports. Exploitation requires the target to visit a malicious web site. This specific flaw exists within the ActiveX control with CLSID 85A4A99C-8C3D-499E-A386-E0743DFF8FB7. Specifying large values to two specific functions available in this control results in an exploitable stack based buffer overflow.
e24ae113a22f3a7a7506ceb077927a8ccada365b76855ce78837eb1e93290125This vulnerability allows an attacker to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists in the functionality exposed by the Storage Foundation for Windows Scheduler Service, VxSchedService.exe, which listens by default on TCP port 4888. During normal use an administrator may add schedules to be run using the management console which requires authentication. However, if an attacker connects directly to the scheduler service and issues the commands, there exists no validation of credentials.
b21f0715aa4ab1d1028ae1ca11d815a7f5ffa1a1e6b7b90f8db30cabb945c152Mandriva Linux Security Advisory - A flaw in the way mutt processed certain APOP authentication requests was discovered. By sending certain responses when mutt attempted to authenticate again an APOP server, a remote attacker could possibly obtain certain portions of the user's authentication credentials. A flaw in how mutt handled certain characters in gecos fields could lead to a buffer overflow. A local user able to give themselves a carefully crafted Real Name could potentially execute arbitrary code if a victim used mutt to expand the attacker's alias.
6b8cbb2e3edb1a00296f3e4bc93c26ce131049a4ce5778da0a2b2e45ec352ecfMandriva Linux Security Advisory - Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.
b013269b0e31229df043feb395d1bcafdca5e4cc700e2c95ff5c8350894b35bbMandriva Linux Security Advisory - login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
838fdb8aedf9155a23354cb33cc337dc1b1551dd33d8c407d1f93c5842eda5a7Mandriva Linux Security Advisory - A security hole was discovered in all versions of the PEAR Installer (http://pear.php.net/PEAR). The security hole is the most serious hole found to date in the PEAR Installer, and would allow a malicious package to install files anywhere in the filesystem. The vulnerability only affects users who are installing an intentionally created package with a malicious intent. Because the package is easily traced to its source, this is most likely to happen if a hacker were to compromise a PEAR channel server and alter a package to install a backdoor. In other words, it must be combined with other exploits to be a problem.
d5ddc79329de98184813b2b9b77553d5bda0fbf71ca44cd3fcd83d64e7f553a3The directory traversal fix in Firefox version 2.0.0.4 only partially fixed the flaw and accidentally circumvents an existing input validation check.
4ad3e4fcce8b9bfb38e0e28040599ebf2b9642a4772941a3340a59feac189edfDebian Security Advisory 1291-4 - The samba security update for CVE-2007-2446 introduced a regression, which broke connection to domain member servers in some scenarios. This update fixes this regression.
ca183405f2b1680ff8eecc3e3bd42583d58d4b5c42ab6cf1c4eff0b8c06ee585Explorer.exe version 6.00.2900.2180 suffers from a buffer overflow vulnerability.
0ef909240a80f33f33969d55670911c0b5c3a8e387c86025576087057b4d4972My Datebook is susceptible to cross site scripting and SQL injection vulnerabilities.
774981b38ee4d3b858f96bf4b4b91ac8898ef83a5a9dba2c2b93a8a93f91f159Various F-Secure products are susceptible to a remotely exploitable vulnerability when parsing FSG packed files.
a10b67e91d8751747b85120f6a3ddf708396072425c7e53c310c721114b13b48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed