Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. Date published : 2005-08-05 http://www.securityfocus.com/bid/3942 http://www.supernature-forum.de/vbb/printthread.php?threadid=6458
graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. Date published : 2005-08-05 http://www.securityfocus.com/bid/3962 http://securitytracker.com/id?1003376
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the...
InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data. Date published : 2005-08-05 http://www.securityfocus.com/bid/4359 http://www.jcraft.com/jzlib/ChangeLog
Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag. Date published : 2005-08-05...
Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content. Date published : 2005-08-05 http://www.securityfocus.com/bid/4334 http://archives.neohapsis.com/archives/bugtraq/2002-03/0267.html
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or...
Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remote attackers to execute arbitrary code via large packets. Date published : 2005-08-05 http://www.securityfocus.com/bid/3824 http://www.dabo.de/software/axspawn.html
The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets. Date published : 2005-08-05 http://www.securityfocus.com/bid/3852 http://securitytracker.com/id?1003252
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. Date published : 2005-08-05 http://www.securityfocus.com/bid/4405...
Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot...
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root’s parent, which generates a 403...
The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. Date published : 2005-08-05 http://www.securityfocus.com/bid/3974...
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel...