Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. Date published :...
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files....
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. Date published :...
The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. Date published...
Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command. Date published : 2005-03-04 http://www.securityfocus.com/bid/12711...
Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command. Date published : 2005-03-04 http://www.securityfocus.com/bid/12711 http://www.securityfocus.com/archive/1/391960
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. Date published : 2005-03-04 http://www.securityfocus.com/bid/12704 http://www.securityfocus.com/archive/1/391987
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. Date published : 2005-03-04 http://www.securityfocus.com/bid/12703 http://marc.info/?l=bugtraq&m=111023000624809&w=2
PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. Date published : 2005-03-04 http://www.securityfocus.com/bid/12696 http://marc.info/?l=bugtraq&m=110971663824719&w=2
delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. Date published : 2005-03-04 http://www.securityfocus.com/bid/12694 http://marc.info/?l=bugtraq&m=110970738214608&w=2
sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. Date published : 2005-03-04 http://www.securityfocus.com/bid/12690 http://marc.info/?l=bugtraq&m=110971002211589&w=2
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters. Date published : 2005-03-04 http://www.securityfocus.com/bid/12693 http://marc.info/?l=bugtraq&m=110970474726113&w=2
Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a...
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. Date published : 2005-03-04 http://www.securityfocus.com/bid/12695...