A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists within the processing of an improperly defined "coffFiles" field in .CAB archives. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow.
37bf82225077227a302cfe57152987b0ad97b5ced6a8ed790909c5e9335b823d
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.
9f08822728173c4c5a28f3becaa2ab42e6f934a8a24ce21f45393797c488afb6
Symantec Security Advisory - Files created by a Reporting Server may be accessible to an unauthorized user.
589ba56f401be09e9a8f35071b6a6e3ccaf8fdb6e6a9237a688e8a8e046e7299
Symantec Security Advisory - The administrator password for Symantec Reporting Server could be disclosed after a failed login attempt.
ee77f7cdeef720baf2f34f6ca5e2f869208de7deaa1e3db8a9edeaaf1ba02b62
K-letter version 1.0 suffers from a remote file inclusion vulnerability.
150bc80a4bf3249f2ee562115eea4623122626aa86ac4a3e098ed1aad6d55af7
Madirish Webmail version 2.0 suffers from a remote file inclusion vulnerability.
f74181ebd7f79da849299ffbde20518867743f25fec9eea99e1dfd67343011c8
EQdkp versions 1.3.2 and below remote SQL injection exploit that makes use of listmembers.php.
0dcf996585512a79b0b1956efd735cbc38a0932e33995acec9a3f43cdb26d11a
Sendcard versions 3.4.1 and below local file inclusion exploit that allows for remote code execution.
e78297aaa36318d5b225f7f41ddff52fa60395bdbb596e798b8922485ac562c7
Gentoo Linux Security Advisory GLSA 200706-01 - Victor Stinner reported an integer overflow in the exif_data_load_data_entry() function from file exif-data.c while handling Exif data. Versions less than 0.6.15 are affected.
93c756b460c5bfa2e87100f1927d6e0679f1f7c01341d7f461964af794e249bd
HP Security Bulletin - Potential vulnerabilities have been identified with HP-UX running CIFS Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code.
ad6a1b5d098b8eecd63cfedf8a874e5b4d3cc46528fe36eb85934ab4e10e0e8b
Comicsense suffers from a SQL injection vulnerability in index.php.
c4e2632a88978ae5c1a1a45a6a53ddbcc3c16fdc7b599cdf67308bb9e9ab93e2
untidy is a general-purpose XML fuzzer. It takes a string representation of an XML document as input and generates a set of modified, potentially invalid, XML documents based on the input. It is released under GPL v2 and written in Python.
cb9f89dfdf1cce6e76b2946659b685492339efaff809146b7d036304fed2def0
Mandriva Linux Security Advisory - A vulnerability in the OLE2 parser in ClamAV was found that could allow a remote attacker to cause a denial of service via resource consumption with a carefully crafted OLE2 file.
5ba370f181042d0adb97ed232168b215ac814841206182bf098ee13767b83219
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Centennial Software XferWan. Authentication is not required to exploit this vulnerability. The specific flaw exists during the parsing of overly long requests to the XferWAN process. When logging requests, user-supplied data is copied to the stack resulting in an exploitable buffer overflow condition.
f4d076517c9d4a4a593a8dfb89136ce5a9d6ebd7819ce5197210307b4def4b97
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Business Objects Crystal Reports. Exploitation requires the target to visit a malicious web site. This specific flaw exists within the ActiveX control with CLSID 85A4A99C-8C3D-499E-A386-E0743DFF8FB7. Specifying large values to two specific functions available in this control results in an exploitable stack-based buffer overflow.
e24ae113a22f3a7a7506ceb077927a8ccada365b76855ce78837eb1e93290125
This vulnerability allows an attacker to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists in the functionality exposed by the Storage Foundation for Windows Scheduler Service, VxSchedService.exe, which listens by default on TCP port 4888. During normal use an administrator may add schedules to be run using the management console which requires authentication. However, if an attacker connects directly to the scheduler service and issues the commands, there exists no validation of credentials.
b21f0715aa4ab1d1028ae1ca11d815a7f5ffa1a1e6b7b90f8db30cabb945c152
Mandriva Linux Security Advisory - A flaw in the way mutt processed certain APOP authentication requests was discovered. By sending certain responses when mutt attempted to authenticate against an APOP server, a remote attacker could possibly obtain certain portions of the user's authentication credentials. A flaw in how mutt handled certain characters in gecos fields could lead to a buffer overflow. A local user able to give themselves a carefully crafted Real Name could potentially execute arbitrary code if a victim used mutt to expand the attacker's alias.
6b8cbb2e3edb1a00296f3e4bc93c26ce131049a4ce5778da0a2b2e45ec352ecf
Mandriva Linux Security Advisory - Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.
b013269b0e31229df043feb395d1bcafdca5e4cc700e2c95ff5c8350894b35bb
Mandriva Linux Security Advisory - login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
838fdb8aedf9155a23354cb33cc337dc1b1551dd33d8c407d1f93c5842eda5a7
Mandriva Linux Security Advisory - A security hole was discovered in all versions of the PEAR Installer (http://pear.php.net/PEAR). The security hole is the most serious hole found to date in the PEAR Installer, and would allow a malicious package to install files anywhere in the filesystem. The vulnerability only affects users who are installing an intentionally created package with a malicious intent. Because the package is easily traced to its source, this is most likely to happen if a hacker were to compromise a PEAR channel server and alter a package to install a backdoor. In other words, it must be combined with other exploits to be a problem.
d5ddc79329de98184813b2b9b77553d5bda0fbf71ca44cd3fcd83d64e7f553a3
The directory traversal fix in Firefox version 2.0.0.4 only partially fixes the flaw and accidentally circumvents an existing input validation check.
4ad3e4fcce8b9bfb38e0e28040599ebf2b9642a4772941a3340a59feac189edf
Debian Security Advisory 1291-4 - The samba security update for CVE-2007-2446 introduced a regression, which broke connection to domain member servers in some scenarios. This update fixes this regression.
ca183405f2b1680ff8eecc3e3bd42583d58d4b5c42ab6cf1c4eff0b8c06ee585
Explorer.exe version 6.00.2900.2180 suffers from a buffer overflow vulnerability.
0ef909240a80f33f33969d55670911c0b5c3a8e387c86025576087057b4d4972
My Datebook is susceptible to cross-site scripting and SQL injection vulnerabilities.
774981b38ee4d3b858f96bf4b4b91ac8898ef83a5a9dba2c2b93a8a93f91f159
Various F-Secure products are susceptible to a remotely exploitable vulnerability when parsing FSG packed files.
a10b67e91d8751747b85120f6a3ddf708396072425c7e53c310c721114b13b48