Lucene search
+L

99 matches found

Check Point Advisories
Check Point Advisories
added 2011/09/27 12:0 a.m.11 views

Adobe Reader Image Texture BMP File Memory Corruption (APSB11-24; CVE-2011-2438; CVE-2011-4372)

A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupt BMP resource. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious PDF...

9.3CVSS9.5AI score0.12763EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.28 views

Winamp Multiple Vulnerabilities

This host is installed with Winamp and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwinampmultvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Winamp Multiple Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net Th...

9.3CVSS1AI score0.061EPSS
Exploits0References3
NVD
NVD
added 2010/12/02 4:22 p.m.19 views

CVE-2010-4372

Integer overflow in the innsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586...

9.3CVSS6.8AI score0.02836EPSS
Exploits0References3
CVE
CVE
added 2010/12/02 4:0 p.m.46 views

CVE-2010-4372

Winamp (before 5.6) is affected via the in_nsv plugin, with CVE-2010-4372 describing an integer/heap-based overflow in NSV metadata handling that can be triggered by crafted NSV TOC data. Multiple sources corroborate a similar class of vulnerability affecting in_nsv.dll and NSV streams/files, cap...

9.3CVSS7AI score0.02836EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/11/30 12:0 a.m.34 views

Winamp < 5.6 Multiple Vulnerabilities

The remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is earlier than 5.6. Such versions are potentially affected by the following vulnerabilities : - An integer overflow vulnerability exists in the 'innsv.dll' plugin when parsing the...

9.3CVSS5.9AI score0.061EPSS
Exploits0References9
Cvelist
Cvelist
added 2009/12/21 4:0 p.m.26 views

CVE-2009-4372

AlienVault Open Source Security Information Management OSSIM 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary commands via shell metacharacters in the uniqueid parameter to 1 wcl.php, 2 storagegraphs.php, 3 storagegraphs2.php, 4 storagegraphs3.php, a...

7.7AI score0.04819EPSS
Exploits1References11
CVE
CVE
added 2009/12/21 4:0 p.m.47 views

CVE-2009-4372

CVE-2009-4372 affects AlienVault OSSIM 2.1.5 (and possibly earlier versions before 2.1.5-4). It allows remote attackers to execute arbitrary commands via shell metacharacters in the uniqueid parameter to sem/wcl.php, sem/storage_graphs.php, sem/storage_graphs2.php, sem/storage_graphs3.php, and se...

7.5CVSS7.7AI score0.04819EPSS
Exploits1References11Affected Software1
Circl
Circl
added 2009/12/16 12:0 a.m.7 views

CVE-2009-4372

creationtimestamp| type| source ---|---|--- 2009-12-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10480...

7.5CVSS5.8AI score0.04819EPSS
Exploits1References1
CVE
CVE
added 2008/10/01 3:0 p.m.46 views

CVE-2008-4372

CVE-2008-4372 is an XSS vulnerability in the AvailScript Article Script, specifically in articles.php, exploitable via the aIDS parameter. This allows remote attackers to inject arbitrary web script or HTML. Public references (NVD, CVE lists) list a CVSS v2 base score of 4.3 (Medium) with user in...

4.3CVSS5.7AI score0.0149EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2007/08/16 6:17 p.m.22 views

CVE-2007-4372

Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A...

10CVSS6.2AI score0.01239EPSS
Exploits0References2
Prion
Prion
added 2007/08/16 6:17 p.m.31 views

Stack overflow

Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372...

6CVSS7.9AI score0.05015EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2007/08/16 6:0 p.m.50 views

CVE-2007-4377

CVE-2007-4377 describes a stack-based buffer overflow in the IMAP service of SurgeMail 38k. An authenticated remote attacker can overflow by sending a long argument to the IMAP SEARCH command, potentially leading to arbitrary code execution. Some sources note affected versions older than 3.8k2/3....

6CVSS7.5AI score0.05015EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2007/08/16 6:0 p.m.55 views

CVE-2007-4372

CVE-2007-4372 relates to NetWin SurgeMail 38k on Windows Server 2003 with an unspecified vulnerability and unknown impact/remote vectors per the NVD entry (notes indicate vague advisory origins). Related records also describe CVE-2007-4377 as a separate vulnerability: a stack-based buffer overflo...

10CVSS6.3AI score0.01239EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2006/08/26 9:4 p.m.19 views

CVE-2006-4372

PHP remote file inclusion vulnerability in admin.lurmconstructor.php in the Lurm Constructor component comlurmconstructor 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lmabsolutepath parameter...

7.5CVSS7.6AI score0.02219EPSS
Exploits0References2
Cvelist
Cvelist
added 2006/08/26 1:0 a.m.22 views

CVE-2006-4372

PHP remote file inclusion vulnerability in admin.lurmconstructor.php in the Lurm Constructor component comlurmconstructor 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lmabsolutepath parameter...

7.6AI score0.02219EPSS
Exploits0References2
CVE
CVE
added 2006/08/26 1:0 a.m.48 views

CVE-2006-4372

The CVE-2006-4372 vulnerability affects the Mambo CMS (Lurm Constructor component com_lurm_constructor) version 0.6b and earlier. It allows remote attackers to execute arbitrary PHP code by supplying a URL in the lm_absolute_path parameter, via a PHP remote file inclusion vulnerability. Public re...

7.5CVSS7.9AI score0.02219EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2005/12/20 2:3 a.m.11 views

CVE-2005-4372

Cross-site scripting XSS vulnerability in account.html in Adaptive Website Framework AWF 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References5
CVE
CVE
added 2005/12/20 2:0 a.m.44 views

CVE-2005-4372

The CVE-2005-4372 entry describes a Cross-site scripting (XSS) vulnerability in Adaptive Website Framework (AWF) prior to or including version 2.10, exploitable via the page parameter in account.html. The underlying issue is improper handling of the page value, allowing remote attackers to inject...

4.3CVSS6AI score0.01177EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/12/20 2:0 a.m.20 views

CVE-2005-4372

Cross-site scripting XSS vulnerability in account.html in Adaptive Website Framework AWF 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...

5.7AI score0.01177EPSS
Exploits0References5
Rows per page
Query Builder