Page 3 of 12 results (0.002 seconds)

CVSS: 7.5EPSS: 3%CPEs: 86EXPL: 0

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml http://www.linuxcompatible.org/print42495.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html http://www.securityfocus.com/bid/11347 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type •

CVSS: 4.3EPSS: 1%CPEs: 23EXPL: 0

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados en start_form() de CGI.pm permite a atacantes remotos insertar script web mediante una URL que es introducida en parámetro "action" del formulario. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713 http://marc.info/?l=bugtraq&m=105880349328877&w=2 http://marc.info/?l=bugtraq&m=106018783704468&w=2 http://marc.info/?l=full-disclosure&m=105875211018698&w=2 http://secunia.com/advisories/13638 http://securitytracker.com/id? •