CVE-2008-3365 – PixelPost 1.7.1 - 'language_full' Local File Inclusion
https://notcve.org/view.php?id=CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter. Vulnerabilidad de salto de directorio en index.php en Pixelpost 1.7.1 sobre Windows, cuando "register_globals" está activado, permite a atacantes remotos incluir y ejecutar archivos locales a través de .. (punto punto) en el parámetro "languaje_full". • https://www.exploit-db.com/exploits/6150 http://secunia.com/advisories/31239 http://securityreason.com/securityalert/4062 http://www.pixelpost.org/blog/2008/07/27/pixelpost-171-security-patch http://www.securityfocus.com/archive/1/494817/100/0/threaded http://www.securityfocus.com/bid/30397 http://www.vupen.com/english/advisories/2008/2207/references https://exchange.xforce.ibmcloud.com/vulnerabilities/44031 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2008-0927 – Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers Denial of Service
https://notcve.org/view.php?id=CVE-2008-0927
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777. El archivo dhost.exe en Novell eDirectory versión 8.7.3 anterior a las versiones sp10 y 8.8.2 permite a los atacantes remotos provocar una denegación de servicio (consumo de CPU) por medio de una petición HTTP con (1) varios encabezados de conexión o (2) un encabezado de conexión con varios valores separados por comas. NOTA: esta vulnerabilidad podría ser similar a CVE-2008-1777. Novell eDirectory versions below 8.7.3 SP 10 and versions below 8.8.2 suffer from a denial of service related vulnerability. • https://www.exploit-db.com/exploits/5547 http://secunia.com/advisories/29805 http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1 http://www.securityfocus.com/archive/1/491622/100/0/threaded http://www.securityfocus.com/bid/28757 http://www.securitytracker.com/id?1019836 http://www.vupen.com/english/advisories/2008/1217/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41787 • CWE-399: Resource Management Errors •
CVE-2007-6026 – Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow
https://notcve.org/view.php?id=CVE-2007-6026
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. Un desbordamiento del búfer en la región stack de la memoria en Microsoft msjet40.dll versión 4.0.8618.0 (también se conoce como Microsoft Jet Engine), como es usado por Access 2003 en Microsoft Office 2003 SP3, permite a atacantes asistidos por el usuario ejecutar código arbitrario por medio de un archivo de base de datos de archivos MDB que contiene una estructura de columnas con un conteo de columnas modificado. NOTA: este podría ser el mismo problema que CVE-2005-0944. • https://www.exploit-db.com/exploits/4625 http://dvlabs.tippingpoint.com/advisory/TPTI-08-04 http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://ruder.cdut.net/blogview.asp?logID=227 http://securityreason.com/securityalert/3376 http://www.kb.cert.org/vuls/id/936529 http://www.securityfocus.com/archive/1/483797/100/0/threaded http://www.securityfocus.com/archive/1/483858/100/100/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-0050
https://notcve.org/view.php?id=CVE-2005-0050
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." • http://www.kb.cert.org/vuls/id/130433 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/19101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2568 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3582 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A47 • CWE-20: Improper Input Validation •
CVE-2004-1080 – Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045)
https://notcve.org/view.php?id=CVE-2004-1080
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." El servicio WINS (wins.exe) de Microsoft Windows NT Server 4.0, Windows 2000 Server y Windows Server 2003 permite a atacantes remotos escribir localizaciones de memoria arbitrarias y posiblemente ejecutar código arbitrario mediante un puntero de memoria modificado en un paquete de replicación WINS al puerto TCP 42. • https://www.exploit-db.com/exploits/909 https://www.exploit-db.com/exploits/16359 http://marc.info/?l=bugtraq&m=110150370506704&w=2 http://secunia.com/advisories/13328 http://securitytracker.com/id?1012516 http://support.microsoft.com/kb/890710 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.immunitysec.com/downloads/instantanea.pdf http://www.kb.cert.org/vuls/id/145134 http://www.osvdb.org/12378 http://www.securityfocus.com/bid/11763 http:// •