[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252212

 
 

909

 
 

196748

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 251022 Download | Alert*

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.

Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name.

Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.

Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities.

The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.

PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.

Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attacker to execute arbitrary code and cause a denial of service via a long HTTP request.

Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results.

faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00).

The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments.


Pages:      Start    15162    15163    15164    15165    15166    15167    15168    15169    15170    15171    15172    15173    15174    15175    ..   25102

© SecPod Technologies