64 matches found
CVE-2012-6166
CVE-2012-6166 entry is rejected/not used; does not represent an active vulnerability.
IBM WebSphere Application Server 8.5.5.x < 8.5.5.4 Multiple Vulnerabilities
Binary data 700046.prm...
IBM WebSphere Application Server 7.0.0.x < 7.0.0.35 Multiple Vulnerabilities
Binary data 700044.prm...
IBM WebSphere Application Server 8.0.0.x < 8.0.0.10 Multiple Vulnerabilities
Binary data 700045.prm...
CVE-2015-6166
Microsoft Silverlight 5 prior to 5.1.41105.00 is affected by CVE-2015-6166 due to improper handling of certain open/close requests, enabling remote code execution or, per the CVE, a denial of service via out-of-bounds read/write access. Severity is high (CVSS 9.3). Affected product: Silverlight 5...
KLA10717 Multiple vulnerabilities in Microsoft Silverlight
Multiple serious vulnerabilities have been found in Microsoft Silverlight. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper requests handling can be exploited remotely via a special...
MS15-129: Security Update for Silverlight to Address Remote Code Execution (3106614)
The version of Microsoft Silverlight installed on the remote Windows host is affected by the following vulnerabilities : - Multiple information disclosure vulnerabilities exist due to a failure to properly handle objects in memory. An attacker can exploit these issues, via crafted Silverlight...
CVE-2014-6166
CVE-2014-6166 affects IBM WebSphere Application Server: CEA service XXE vulnerability that could expose sensitive data when processing XML. Affected: WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4; Feature Pack for CEA 1.x before 1.0.0.15. Root cause is XML External E...
CVE-2014-6166
The Communications Enabled Applications CEA service in IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4, and Feature Pack for CEA 1.x before 1.0.0.15, allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entit...
MacOS X QuickTime RTSP Content-Type Overflow
No description provided by source. $Id: quicktimertspcontenttype.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
CVE-2013-6166
CVE-2013-6166 affects Google Chrome pre-29. The issue arises when Chrome sends HTTP Cookie headers without validating that cookies meet character-set restrictions, enabling a remote attacker to trigger a persistent Logout CSRF-like effect by crafting a parameter that causes a web app to set a mal...
CVE-2013-6166
creationtimestamp| type| source ---|---|--- 2013-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38420...
SuSE 10 Security Update : evolution-data-server (ZYPP Patch Number 6166)
camel's NTLM SASL authentication mechanism as used by evolution did not properly validate server's challenge packets. CVE-2009-0582 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Fedora Core 11 FEDORA-2009-6166 (webkitgtk)
The remote host is missing an update to webkitgtk announced via advisory FEDORA-2009-6166. OpenVAS Vulnerability Test $Id: fcore20096166.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-6166 webkitgtk Authors: Thomas Reinke Copyright: Copyright c 200...
CVE-2008-6166
CVE-2008-6166 is an SQL injection vulnerability affecting the Joomla! KBase (com_kbase) 1.2 component. The flaw allows remote attackers to inject arbitrary SQL via the id parameter in an article action to index.php, enabling potential data exposure or modification. The linked references indicate ...
CVE-2008-6166
creationtimestamp| type| source ---|---|--- 2008-10-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6827...
Gentoo Security Advisory GLSA 200803-08 (win32codecs)
The remote host is missing updates announced in advisory GLSA 200803-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2007-6166
creationtimestamp| type| source ---|---|--- 2008-07-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6013 2010-01-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/11027 2010-05-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16424 2010-10-09...
Information disclosure
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organizati...
QuickTime RTSP Content-Type header buffer overflow
Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...