RSS   Vulnerabilities for 'Capi4hylafax'   RSS

2006-09-05
 
CVE-2006-3126

 

 
c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.

 
2006-03-14
 
CVE-2006-1231

CWE-Other
 

 
CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecv_dbgdatafile.sff temporary file.

 

 >>> Vendor: Julian pawlowski 2 Products
Capi4hylafax
Lulieblog


Copyright 2024, cxsecurity.com

 

Back to Top