Argument injection vulnerability in the URI handler in Java Deployment Toolkit allows remote attackers to execute arbitrary code via the -J argument to javaws.exe, which is processed by the launch method.
This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port.
This module adds support for Windows 2003.
This module adds support for Windows 2003.
The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow.
This vulnerability exists within the handling of MixerSequencer objects. When this object is used to play a MIDI file, the GM_Song structure is populated with song data. In particular, it stores a integer value from the file and uses it later as an index into an array of function pointers. If this value is over 128 the process can be made to call a pointer outside the array.
This module exploits a remote buffer overflow in the Motorola Netopia netOctopus SDCS server service.
The vulnerability exists within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifies the number of bytes that follow. This value is not validated, and is then used to read data into a fixed-size stack buffer. This results in an exploitable stack buffer overflow.
The vulnerability exists within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifies the number of bytes that follow. This value is not validated, and is then used to read data into a fixed-size stack buffer. This results in an exploitable stack buffer overflow.
The CA iGateway component, contains a buffer overflow vulnerability due to improper bounds checking on HTTP GET requests by the iGateway component when debug mode is enabled.
The CmdProcessor.exe service of Trend Micro Control Manager is prone to a stack-based buffer overflow, which can be exploited by remote unauthenticated attackers to execute arbitrary code by sending a specially crafted IPC packet to the vulnerable service.
This module exploits a heap overflow in Windows Media Player (winmm.dll) when handling a specially crafted MIDI file.
A denial of service vulnerability has been found in the way the multiple
overlapping ranges are handled by the Apache HTTPD server.
This update fixes an issue when launching the module from an agent running
in a Linux system.
overlapping ranges are handled by the Apache HTTPD server.
This update fixes an issue when launching the module from an agent running
in a Linux system.
SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work.