Patroklos Argyroudis

#10279of 53,635
26.9Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2011-4394
7.5
2011-10-21
Atcom · Atcom Netvolution · CVE-2011-3340
**Name of the Vulnerable Software and Affected Versions** ATCOM Netvolution version 2.5.8 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `Referer` HTTP header, potentially leading to unauthorized data access or modification. **Recommendations** For ATCOM Netvolution version 2.5.8, consider restricting access to the SQL database or implementing input validation to prevent malicious SQL commands from being executed. As a temporary workaround, restrict the use of the `Referer` HTTP header to minimize the risk of exploitation.
PT-2011-1650
5.0
2011-01-14
Gif2Apng · Gif2Apng · CVE-2010-4695
**Name of the Vulnerable Software and Affected Versions** gif2png versions 2.5.1 through 2.5.2 **Description** The issue allows remote attackers to create PNG files in unintended directories via a crafted command-line argument. This can be demonstrated by a CGI program that launches gif2png. **Recommendations** For gif2png versions 2.5.1 and 2.5.2, consider restricting access to the command-line interface until a patch is available. As a temporary workaround, avoid using gif2png with untrusted input.
PT-2010-3640
6.9
2010-05-28
Freebsd · Freebsd · CVE-2010-2020
**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 7.2 through 8.1-PRERELEASE **Description** The issue concerns a lack of validation for the length of a certain `fhsize` parameter in the NFS client, specifically in the `sys/nfsclient/nfs vfsops.c` file. This allows local users to gain privileges via a crafted mount request when `vfs.usermount` is enabled. **Recommendations** For FreeBSD versions 7.2 through 8.1-PRERELEASE, consider disabling the `vfs.usermount` option to minimize the risk of exploitation until a patch is available.
PT-2009-5868
7.5
2009-12-08
Corehttp · Corehttp · CVE-2009-3586
**Name of the Vulnerable Software and Affected Versions** CoreHTTP versions 0.5.3.1 and earlier **Description** The issue is caused by an off-by-one error in the src/http.c file, which can be triggered by an HTTP request with a long first line, potentially leading to a buffer overflow. This could result in a denial of service or possibly allow remote attackers to execute arbitrary code. **Recommendations** For CoreHTTP versions 0.5.3.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.