This update extends the information gathered to include CVE-1999-0516 and CVE-1999-0517 when present in the target.
This update modifies the application version displayed in Quick Information.
This update provides a better documentation for this module.
Music Animation Machine MIDI Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in MAM Player when handling misleading MIDI files. This situation leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer and get control of execution. This vulnerability can be exploited via a specially crafted .mamx file.
FreeFTPd is prone to a buffer overflow when handling an overly long PASS command.
This module exploits a vulnerability in Mozilla Firefox when serializing XML to a DOM object. A certain method used during this process is likely to create a dangling pointer. Remote attackers can take advantage of this memory and use it to execute arbitrary code.
The vulnerability is caused due to an error when handling theme and screensaver files.
The /opt/ws/bin/sblistpack Perl script in Sophos Web Protection Appliance, which can be reached from the web interface, is vulnerable to OS command injection because its get_referers() function does not escape the first argument of the script before using it within a string that will be executed as a command by using backticks.
A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code in the affected appliance with the privileges of the "spiderman" operating system user.
A second vulnerability in the Sophos Web Protection Appliance (an OS command injection in the /opt/cma/bin/clear_keys.pl script, which can be executed by the "spiderman" user with the sudo command without password) allows an attacker who successfully compromised the appliance to escalate privileges from "spiderman" to root.
A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code in the affected appliance with the privileges of the "spiderman" operating system user.
A second vulnerability in the Sophos Web Protection Appliance (an OS command injection in the /opt/cma/bin/clear_keys.pl script, which can be executed by the "spiderman" user with the sudo command without password) allows an attacker who successfully compromised the appliance to escalate privileges from "spiderman" to root.
Siemens Solid Edge SEListCtrlX ActiveX control is prone to an arbitrary memory write vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
This module exploits an unsafe pickle operation of Graphite in order to install an agent.