High Severity Vulnerabilities

111.5K CVEs classified as high severity

Total CVEs: 111.5K
Avg CVSS: 7.8 (High)
Max CVSS: 10.0
Min CVSS: 7.2

High Severity CVEs

Page 4609 of 4645
CVSS:10.0(Critical)

DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.

CVSS:10.0(Critical)

Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.

CVSS:7.2(High)

The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.

CVSS:7.2(High)

atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges.

CVSS:7.2(High)

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environment variable.

CVSS:7.5(High)

Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.

CVSS:10.0(Critical)

Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name.

CVSS:7.5(High)

The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.

CVSS:7.2(High)

The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords.

CVSS:7.5(High)

Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.

CVSS:7.6(High)

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufact...

CVSS:7.5(High)

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.

CVSS:7.5(High)

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

CVSS:7.2(High)

NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.

CVSS:7.2(High)

Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive.

CWE-942000
CVSS:7.5(High)

Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a cl...

CVSS:7.5(High)

MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.

CVSS:7.5(High)

The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.

CVSS:7.5(High)

Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.

CVSS:10.0(Critical)

Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field.

CVSS:7.5(High)

The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

CVSS:7.5(High)

The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

CVSS:7.5(High)

The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

CVSS:7.5(High)

The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.