5836 matches found
CVE-2011-1016
CVE-2011-1016 concerns the Linux kernel Radeon GPU drivers and their DRM subsystem. The affected component is the Radeon GPU driver (radeon/kms) in kernels before 2.6.38-rc5, where data related to the AA resolve registers was not properly validated. This could allow a local user to write to arbit...
CVE-2010-4195
The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors...
Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)
This host is missing a critical security update according to Microsoft Bulletin MS11-011. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Citrix Access Gateway - Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Citrix Access Gateway Command Injection Vulnerability Release Date: 2010-12-21 Application: Citrix Access...
Microsoft Graphics Filters TIFF Image Converter Heap Overflow (MS10-105; CVE-2010-3947)
Tagged Image File Format TIFF is a container format for storing images, including photographs and line art. A remote code execution vulnerability has been discovered in the way that Microsoft Office parses specially crafted TIFF image files. The vulnerability is due to an error in Microsoft Offic...
CA Multiple Products Alert Notification Server Buffer Overflow (CVE-2007-4620)
Computer Associates, or CA, develop and sell various software to enterprise users. Some CA products, such as Threat Manager, Protection Suites, and BrightStor ARCserve Backup, share a set of common components. One of these common component is Alert Notification Server. This component runs as a...
Paypal.com Cross Site Scripting
https://www.paypal.com | HTTP Header Injection | Cross Site Scripting XSS | CAPEC-34 | CWE-79 Hoyt LLC - October 28, 2010 http://cloudscan.blogspot.com | http://cloudscan.me https://www.paypal.com | HTTP Header Injection | Cross Site Scripting XSS Tested on IE8, Chrome, Firefox. The affected URL'...
Mozilla Firefox SeaMonkey 3.6.10 Thunderbird 3.1.4 - document.write Memory Corruption
Mozilla Firefox SeaMonkey 3.6.10 Thunderbird 3.1.4 - document.write Memory Corruption source: https://www.securityfocus.com/bid/44247/info Mozilla Firefox, Thunderbird, and Seamonkey are prone to a memory-corruption vulnerability because they fail to adequately validate user-supplied data...
CA BrightStor ARCserve Backup Tape Engine Service Buffer Overflow
Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration and Threat Management. There exists a...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
CA BrightStor ARCserve Backup Tape Engine RPC GetGroupStatus Buffer Overflow (CVE-2006-6917)
Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...
Microsoft Word RTF Parsing Engine Memory Corruption (MS10-056; CVE-2010-1901)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to insufficient data validation by Microsoft Office Word when handling rich text data. A remote attacker could trigger this flaw by convincin...
Microsoft Word RTF Data Parsing Buffer Overflow (MS10-056; CVE-2010-1902)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to insufficient data validation by Microsoft Office Word when handling rich text data. A remote attacker could trigger this flaw by convincin...
AdPeeps 'index.php' Multiple Vulnerabilities.
AdPeeps is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CA BrightStor ARCserve Backup Tape Engine RPC ReserveGroup Buffer Overflow (CVE-2006-6917)
Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...
CVE-2010-2630
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service application crash via a crafted file, a different vulnerability than...
NTSOFT BBS E-Market Professional Cross Site Scripting
+================================================================================================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +================================================================================================+ Authors: Ivan Sanchez...
CVE-2010-0484
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to...
Input validation
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to...