Unfixed XSS vulnerability at loading.se
Security researcher Uber0n has submitted on 05/11/2007 a cross-site-scripting (XSS) vulnerability affecting loading.se, which at the time of submission ranked 116728 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2007. It is currently...
-0.1AI Score
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:073)
Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via.....
1.4AI Score
0.55EPSS
Microsoft Windows Graphics Rendering Engine EMF File Privilege Escalation Vulnerability
Description Microsoft Windows Graphics Rendering Engine is prone to a local privilege-escalation vulnerability when rendering malformed EMF image files. An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of affected...
-0.2AI Score
Microsoft Windows Graphics Device Interface Font Rasterizer Local Privilege Escalation Vulnerability
Description Microsoft Windows GDI Font Rasterizer is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain complete control of an affected computer. Failed attempts will likely cause the operating system to crash, resulting in denial-of-service conditions.....
0.1AI Score
Microsoft Windows Cursor And Icon ANI Format Handling Remote Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a stack buffer-overflow vulnerability because of insufficient format validation that occurs when handling malformed ANI cursor or icon files. An attacker can exploit this issue to execute arbitrary code with the privileges of an unsuspecting user. A...
-0.5AI Score
0.343EPSS
[SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities
Debian Security Advisory DSA 1270-2 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2007 http://www.debian.org/security/faq Package : openoffice.org Vulnerability : several Problem type ...
8AI Score
0.55EPSS
Debian DSA-1270-2 : openoffice.org - several vulnerabilities
Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2007-0002 iDefense reported several integer overflow bugs in libwpd, a library for handling...
7.7AI Score
0.55EPSS
remote code execution in OpenOffice_org,libwpd
Several security problems were fixed in the Wordperfect converter library libwpd and OpenOffice_org: Solution There is no known workaround, please install the update...
3.8AI Score
0.55EPSS
[SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities
Debian Security Advisory DSA 1270-1 [email protected] http://www.debian.org/security/ Martin Schulze March 20th, 2007 http://www.debian.org/security/faq Package : openoffice.org Vulnerability : several Problem type ...
8AI Score
0.55EPSS
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:064)
iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim. OpenOffice.org-2.X contains an...
7.6AI Score
0.211EPSS
[SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution
Debian Security Advisory DSA 1268-1 [email protected] http://www.debian.org/security/ Martin Schulze March 17th, 2007 http://www.debian.org/security/faq Package : libwpd Vulnerability : integer overflow Problem type ...
6.8AI Score
0.211EPSS
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:052)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.10. This update provides the latest Thunderbird to correct these...
7AI Score
0.971EPSS
SUSE-SA:2006:040: OpenOffice_org
The remote host is missing the patch for the advisory SUSE-SA:2006:040 (OpenOffice_org). Following security problems were found and fixed in OpenOffice_org: CVE-2006-2198: A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon...
-0.1AI Score
0.021EPSS
Updated glibc packages are being provided to ensure that kernel and user-space tools are in sync. This update also fixes a bug present on x86_64 platforms where strncmp() is...
0.1AI Score
The version of glibc shipped with Mandriva 2007 has a bug that prevents the system from passing the lsb-runtime test suite (T.ttyname_r). This update also includes sparc64 updates and Unicode 5.0...
-0.2AI Score
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:206)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.8. This update provides the latest Thunderbird to correct these...
1AI Score
0.46EPSS
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:168)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.7. This update provides the latest Firefox to correct these...
0.7AI Score
0.967EPSS
SUSE-SA:2007:001: OpenOffice_org
The remote host is missing the patch for the advisory SUSE-SA:2007:001 (OpenOffice_org). Security problems were fixed in the WMF and Enhanced WMF handling in OpenOffice_org. These could potentially be used to execute code or crash OpenOffice when a user could be convinced to open specially crafted.....
-0.3AI Score
0.118EPSS
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:010)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.9. This update provides the latest Firefox to correct these...
0.9AI Score
0.921EPSS
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:169)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.7. This update provides the latest Thunderbird to correct these...
1AI Score
0.967EPSS
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:006)
Several integer overflows were discovered in the OpenOffice.org WMF file processor. An attacker could create a carefully crafted WMF file that would cause OpenOffice.org to execute arbitrary code when opened. Updated packages are patched to address this...
0.7AI Score
0.118EPSS
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:205)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.8. This update provides the latest Firefox to correct these...
0.8AI Score
0.46EPSS
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:011)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.9. This update provides the latest Thunderbird to correct these...
7AI Score
0.799EPSS
Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability
Hello - Cisco has posted a Security Response in reference to this issue at the following URL: http://www.cisco.com/warp/public/707/cisco-sr-20070129-vtp.shtml Cisco Response An issue has been reported to the Cisco PSIRT involving malformed VLAN...
-0.2AI Score
Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to cause a denial of service by sending crafted TCP traffic to an IPv4 address on the IOS...
6.8AI Score
0.051EPSS
Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD...
7.8AI Score
0.21EPSS
Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing...
6.8AI Score
0.051EPSS
Debian DSA-1246-1 : openoffice.org - buffer overflow
John Heasman from Next Generation Security Software discovered a heap overflow in the handling of Windows Metafiles in OpenOffice.org, the free office suite, which could lead to a denial of service and potentially execution of arbitrary...
0.7AI Score
0.118EPSS
[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution
Debian Security Advisory DSA 1246-1 [email protected] http://www.debian.org/security/ Martin Schulze January 8th, 2007 http://www.debian.org/security/faq Package : openoffice.org Vulnerability : buffer overflow Problem...
6.2AI Score
0.118EPSS
code execution in OpenOffice_org
Security problems were fixed in the WMF and Enhanced WMF handling in OpenOffice_org. These could potentially be used to execute code or crash OpenOffice when a user could be convinced to open a specially crafted document (for instance a document sent by E-mail). Solution There is no known workaround,....
2.7AI Score
0.118EPSS
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:146)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program. Corporate 3 had contained the Mozilla suite however, due to the support cycle for Mozilla, it was felt that upgrading Mozilla to Firefox and Thunderbird would allow for better future.....
-0.7AI Score
0.974EPSS
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:143-1)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program. Previous updates to Firefox were patch fixes to Firefox 1.0.6 that brought it in sync with 1.0.8 in terms of security fixes. In this update, Mozilla Firefox 1.5.0.6 is being provided...
AI Score
0.974EPSS
[ MDKSA-2006:226 ] - Updated squirrelmail packages fix vulnerabilities
Mandriva Linux Security Advisory MDKSA-2006:226 http://www.mandriva.com/security/ Package : squirrelmail Date : December 11, 2006 Affected: Corporate 3.0, Corporate 4.0 Problem Description: Multiple cross-site scripting...
1.2AI Score
0.024EPSS
Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4)...
8AI Score
0.299EPSS
Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4)...
7.6AI Score
0.299EPSS
Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4)...
7.6AI Score
0.299EPSS
Berty Forum <= 1.4 (index.php) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web...
7.1AI Score
WGCC Beta <= 0.5.6 (quiz.php) Remote SQL InJection Vulnerability
Title : WGCC Beta <= 0.5.6 (quiz.php) Remote SQL InJection Vulnerability Author : ajann Dork : "Web Group Communication Center beta 0.5.6/0.5.5/.." Greetz : A blessed Ramadan Bayram to the whole Muslim world -->Login Before Injection [Inject]]]...
0.8AI Score
Active Bulletin Board v1.1 beta2 (doprofiledit.asp) Remote User Pass Change
<html> <body bgcolor="#000000">...
0.4AI Score
Active Bulletin Board <= 1.1b2 Remote User Pass Change Exploit
Exploit for unknown platform in category web...
7.1AI Score
Debian DSA-1104-2 : openoffice.org - several vulnerabilities
Loading malformed XML documents can cause buffer overflows in OpenOffice.org, a free office suite, and cause a denial of service or execute arbitrary code. It turned out that the correction in DSA 1104-1 was not sufficient, hence, another update. For completeness please find the original advisory.....
0.2AI Score
0.021EPSS
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3)...
7.6AI Score
0.373EPSS
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3)...
7.5AI Score
0.373EPSS
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3)...
7.5AI Score
0.373EPSS
PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote attackers to execute arbitrary PHP code via a URL in the dir_path...
7.9AI Score
0.016EPSS
SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID...
8.2AI Score
0.007EPSS
SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID...
8.1AI Score
0.007EPSS