CVE-2006-3964
Published 2006-08-01
Priority: P3 · 41 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.27% (80.9th percentile)
PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| banex | banex | — | — |
No detection rules found.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2008-01-28·CVSS 7.5
Common Vulnerabilities and Exposures assigned an identifier CVE-2005-3964 to the following vulnerability:
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
References:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
http://www.securityfocus.com/archive/1/archive/1/418459/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2006-0272.html
http://www.securityfocus.com/bid/15684
http://www.securityfocus.com/bid/15686
http://www.frsirt.com/english/advisories/2005/2709
http://securitytracker.com/id?1015303
http://xforce.iss.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2006-02-07·CVSS 7.5
Fixed in RHSA-2006-0272.
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2005-12-02·CVSS 7.5
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
xfocus have discovered two buffer overflow flaws in openmotif's libUil
library. This overflow is going to depend on how a motif application
is passing data into the UIL library.
This issue also affects FC3
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0272.html
---
I can see where this issue has been
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows
bugzilla·2005-12-02·CVSS 7.5
http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
xfocus have discovered two buffer overflow flaws in openmotif's libUil
library. This overflow is going to depend on how a motif application
is passing data into the UIL library.
This issue also affects RHEL3
This issue also affects RHEL2.1
Discussion:
Created attachment 124061
CVE-2005-3964 libUil patch
---
Fixed in RHSA-2006-0272.