NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass security protections and configure privileged options via a long argument to ncpmon.exe, which provides access to alternate...
Client Firewall in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass firewall program execution rules by replacing an allowed program with an arbitrary program. Date...
Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions...
SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands via the pass parameter in a cookie. Date published : 2006-03-02 http://www.securityfocus.com/bid/16930 https://www.exploit-db.com/exploits/1543
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that...
uConfig agent in Compex NetPassage WPE54G router allows remote attackers to cause a denial of service (unresposiveness) via crafted datagrams to UDP port 7778. Date published : 2006-03-02 http://www.securityfocus.com/bid/16894 http://www.security.nnov.ru/Ldocument605.html
SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie....
Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) subject parameters. Date published : 2006-03-02 http://www.securityfocus.com/bid/16877...
Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the (1) X-Forwarded-For and (2) Client-Ip HTTP headers, which are stored in Data/flood.db.php....
nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. Date published...
automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with...
IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions"....
Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user...
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. Date published...