CVE-2005-0272
Published 2005-05-02
Priority P3 · 42 · high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.66% (83.8th percentile)
ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| photopost | reviewpost_php_pro | <= 2.5.1 | — |
| photopost | reviewpost_php_pro | — | — |
| photopost | reviewpost_php_pro | — | — |
No detection rules found.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2008-01-28·CVSS 7.5
Common Vulnerabilities and Exposures assigned an identifier CVE-2005-3964 to the following vulnerability:
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allow attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
References:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
http://www.securityfocus.com/archive/1/archive/1/418459/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2006-0272.html
http://www.securityfocus.com/bid/15684
http://www.securityfocus.com/bid/15686
http://www.frsirt.com/english/advisories/2005/2709
http://securitytracker.com/id?1015303
http://xforce.iss.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2006-02-07·CVSS 7.5
Fixed in RHSA-2006-0272.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2005-12-02·CVSS 7.5
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
xfocus have discovered two buffer overflow flaws in openmotif's libUil
library. This overflow is going to depend on how a motif application
is passing data into the UIL library.
This issue also affects FC3
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0272.html
---
I can see where this issue has been
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2005-12-02·CVSS 7.5
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
xfocus have discovered two buffer overflow flaws in openmotif's libUil
library. This overflow is going to depend on how a motif application
is passing data into the UIL library.
This issue also affects RHEL3
This issue also affects RHEL2.1
Discussion:
Created attachment 124061
CVE-2005-3964 libUil patch
---
Fixed in RHSA-2006-0272.
References:
http://marc.info/?l=bugtraq&m=110485682424110&w=2
http://secunia.com/advisories/13697/
http://www.gulftech.org/?node=research&article_id=00062-01022005
https://exchange.xforce.ibmcloud.com/vulnerabilities/18735