5836 matches found
Microsoft Windows Kernel GDI Data Validation Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. This issue affects the Graphics Device Interface (GDI). An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result ...
Microsoft SQL Server CONVERT Function Buffer Overflow (MS08-040; CVE-2008-0086)
Microsoft SQL Server is a relational database management system (RDBMS). Microsoft SQL Server uses Transact-SQL (T-SQL), a proprietary extension to Structured Query Language (SQL), for querying and modifying data and managing databases. SQL Server can be remotely accessed via the Tabular Data Stream TDS...
Microsoft Security Bulletin MS09-062 - Critical Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)
Microsoft Security Bulletin MS09-062 - Critical Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) Published: October 13, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These...
Jive Software Openfire Jabber Server SQL Injection (CVE-2008-6509)
Openfire (previously known as Wildfire Server) is an open source Jabber/XMPP server written in Java. Jabber is an open instant messaging technology that is maintained by the community. Extensible Messaging and Presence Protocol (XMPP) is an open, XML-inspired protocol originally aimed at...
VideoLAN VLC Media Player XSPF Memory Corruption (CVE-2008-4558)
VLC media player is an open source multimedia player. It can play many audio and video formats (MPEG, DivX, ogg, Wave, etc.) as well as various streaming protocols. It is highly portable and available for multiple platforms. Support for various formats is implemented in the form of plugins bundled...
[PT-2009-05] CA Internet Security Suite Denial of Service Vulnerability
---------------------------------------------------------------------- PT-2009-05 Positive Technologies Security Advisory CA Internet Security Suite Denial of Service Vulnerability ---------------------------------------------------------------------- --- Affected Software CA Internet Security...
Mandrake Security Advisory MDVSA-2009:178 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:178. OpenVAS Vulnerability Test $Id: mdksa2009178.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:178 (squid) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:161-1 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161-1. OpenVAS Vulnerability Test $Id: mdksa20091611.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:161-1 (squid) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft...
Microsoft Windows AVI File Data Validation Integer Overflow (MS09-038; CVE-2009-1546)
Audio Video Interleave (AVI) is a special case of Resource Interchange File Format (RIFF). This file type is used with applications that capture, edit, and play back audio-video sequences. The vulnerability is due to an error in the Windows component responsible for processing AVI files that does not...
Mandrake Security Advisory MDVSA-2009:161 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161. OpenVAS Vulnerability Test $Id: mdksa2009161.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:161 (squid) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:161 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
squid -- several remote denial of service vulnerabilities
Squid security advisory 2009:2 reports: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when...
Mandriva Linux Security Advisory : mysql (MDVSA-2008:149)
Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user wit...
PGP Desktop Local Denial of Service Vulnerability
PGP Desktop is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Yxbbs3.0 two injection vulnerabilities-vulnerability warning-the black bar safety net
Posted: Xiaoqiang Affected version: Yxbbs3.0 Vulnerability description: yxbbs at the time of user registration, real-time detection of whether the user name already exists and the user name is legitimate, however the service end at the time of detection, the user-submitted data validation is not...
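Trend Micro Internet Security tmactmon.sys Driver Local Privilege Escalation Vulnerability
BUGTRAQ ID: 34304 CVE(CAN) ID: CVE-2009-0686 Trend Micro Internet Security is a network security product suited to protecting multiple computers for home users. The IOCTL handler of the Internet Security tmactmon.sys driver uses the METHOD_NEITHER communication method for IOCTL calls but does not correctly validate the buffer data associated with the Irp object, which allows local users to gain SYSTEM privileges. Trend Micro Internet Security Pro 2009 Trend Micro Internet Security Pro 2008 Trend Micro Intern...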
phpads 2.0 - Multiple Vulnerabilities
Vendor: http://blondish.net Versions: PHPAds 2.0 (May also affect earlier versions) Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser at...
Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Win
Mozilla Firefox browser is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Silentum Uploader 1.4.0 File Deletion
Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 (May also affect earlier versions) Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we can alter the path of files to be...
Silentum Uploader 1.4.0 - Remote File Deletion
Silentum Uploader 1.4.0 - Remote File Deletion Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 (May also affect earlier versions) Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-si...