99 matches found
Adobe Reader Image Texture BMP File Memory Corruption (APSB11-24; CVE-2011-2438; CVE-2011-4372)
A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupt BMP resource. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious PDF...
Winamp Multiple Vulnerabilities
This host is installed with Winamp and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwinampmultvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Winamp Multiple Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net Th...
CVE-2010-4372
Integer overflow in the innsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586...
CVE-2010-4372
Winamp (before 5.6) is affected via the in_nsv plugin, with CVE-2010-4372 describing an integer/heap-based overflow in NSV metadata handling that can be triggered by crafted NSV TOC data. Multiple sources corroborate a similar class of vulnerability affecting in_nsv.dll and NSV streams/files, cap...
Winamp < 5.6 Multiple Vulnerabilities
The remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is earlier than 5.6. Such versions are potentially affected by the following vulnerabilities : - An integer overflow vulnerability exists in the 'innsv.dll' plugin when parsing the...
CVE-2009-4372
AlienVault Open Source Security Information Management OSSIM 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary commands via shell metacharacters in the uniqueid parameter to 1 wcl.php, 2 storagegraphs.php, 3 storagegraphs2.php, 4 storagegraphs3.php, a...
CVE-2009-4372
CVE-2009-4372 affects AlienVault OSSIM 2.1.5 (and possibly earlier versions before 2.1.5-4). It allows remote attackers to execute arbitrary commands via shell metacharacters in the uniqueid parameter to sem/wcl.php, sem/storage_graphs.php, sem/storage_graphs2.php, sem/storage_graphs3.php, and se...
CVE-2009-4372
creationtimestamp| type| source ---|---|--- 2009-12-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10480...
CVE-2008-4372
CVE-2008-4372 is an XSS vulnerability in the AvailScript Article Script, specifically in articles.php, exploitable via the aIDS parameter. This allows remote attackers to inject arbitrary web script or HTML. Public references (NVD, CVE lists) list a CVSS v2 base score of 4.3 (Medium) with user in...
CVE-2007-4372
Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A...
Stack overflow
Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372...
CVE-2007-4377
CVE-2007-4377 describes a stack-based buffer overflow in the IMAP service of SurgeMail 38k. An authenticated remote attacker can overflow by sending a long argument to the IMAP SEARCH command, potentially leading to arbitrary code execution. Some sources note affected versions older than 3.8k2/3....
CVE-2007-4372
CVE-2007-4372 relates to NetWin SurgeMail 38k on Windows Server 2003 with an unspecified vulnerability and unknown impact/remote vectors per the NVD entry (notes indicate vague advisory origins). Related records also describe CVE-2007-4377 as a separate vulnerability: a stack-based buffer overflo...
CVE-2006-4372
PHP remote file inclusion vulnerability in admin.lurmconstructor.php in the Lurm Constructor component comlurmconstructor 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lmabsolutepath parameter...
CVE-2006-4372
PHP remote file inclusion vulnerability in admin.lurmconstructor.php in the Lurm Constructor component comlurmconstructor 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lmabsolutepath parameter...
CVE-2006-4372
The CVE-2006-4372 vulnerability affects the Mambo CMS (Lurm Constructor component com_lurm_constructor) version 0.6b and earlier. It allows remote attackers to execute arbitrary PHP code by supplying a URL in the lm_absolute_path parameter, via a PHP remote file inclusion vulnerability. Public re...
CVE-2005-4372
Cross-site scripting XSS vulnerability in account.html in Adaptive Website Framework AWF 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2005-4372
The CVE-2005-4372 entry describes a Cross-site scripting (XSS) vulnerability in Adaptive Website Framework (AWF) prior to or including version 2.10, exploitable via the page parameter in account.html. The underlying issue is improper handling of the page value, allowing remote attackers to inject...
CVE-2005-4372
Cross-site scripting XSS vulnerability in account.html in Adaptive Website Framework AWF 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...