93 matches found
CVE-2013-5902
CVE-2013-5902 is an unspecified vulnerability in Oracle Java SE 6u65 and 7u45, related to the Deployment component, that could allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. The connected advisories (IBM and F5/Java security bulletins) confirm t...
KLA10511 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting this vulnerability malicious users can affect integrity, confidentiality and availability. This vulnerability can be exploited remotely via an unknown vectors related to 2D, Beans, CORBA, Deployment, Hotspot, Install, JAA...
CVE-2012-5902
The CVE-2012-5902 entry relates to a Cross-site Scripting (XSS) vulnerability in DFLabs PTK 1.0.5, specifically in the file ptk/lib/modal_bookmark.php where arbitrary web script/HTML can be injected via the arg4 parameter. The description consistently identifies the affected component and payload...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 : krb5 vulnerabilities (USN-940-1)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Only Ubuntu 6.06 LTS was affected. CVE-2007-5902,...
USN-924-1: Kerberos vulnerabilities
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...
openSUSE Security Update : xrdp (xrdp-458)
This update fixes multiple buffer overflows that can be exploited remotely to execute arbitrary code. CVE-2008-5902, CVE-2008-5903, CVE-2008-5904 Additionally xrdp does not register remote session as local anymore. Please note, the previous update was missing the patch. %NASLMINLEVEL 70300 C...
CVE-2008-5902
Buffer overflow in the xrdpbitmapinvalidate function in xrdp/xrdpbitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request...
CVE-2008-5902
CVE-2008-5902 is a buffer overflow in xrdp_bitmap_invalidate() in xrdp
Unfixed XSS vulnerability at uni17.ogame.de
Security researcher kInGoFcHaOs, has submitted on 17/08/2008 a cross-site-scripting XSS vulnerability affecting uni17.ogame.de, which at the time of submission ranked 5902 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/06/2009. It is...
SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4852)
This update fixes multiple vulnerabilities in krb5. It's unlikely that those vulnerabilities can actually be exploited. CVE-2007-5894 / CVE-2007-5902 / CVE-2007-5971 / CVE-2007-5972 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2007-5902
CVE-2007-5902 is a Krb5 (MIT Kerberos 5) vulnerability: an integer overflow in svcauth_gss_get_principal (lib/rpc/svc_auth_gss.c) can be triggered by a large GSS client name in an RPC request, reported across multiple advisories (e.g., USN-940-1 / SUSE CVE page). Connected sources indicate mitiga...
CVE-2006-5902
viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...
CVE-2006-5902
The CVE-2006-5902 issue affects the viksoe GMail Drive shell extension. The vulnerability allows remote attackers to perform virtual filesystem actions by sending specially crafted e-mail messages with certain subject lines (e.g., GMAILFS: [13;a;1], which can inject a new file; GMAILFS: [13;a;1] ...