44 matches found
Microsoft Office CVE-2016-7232 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
KLA10902 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Out-of-bounds read can be exploited remotely via a specially designed...
Oracle: Security Advisory (ELSA-2008-0364)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7232
Cross-site scripting XSS vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-7232
The CVE-2015-7232 issue affects the OSF for Drupal module (Drupal 7.x) specifically in the 7.x-3.x line prior to 7.x-3.1, when the OSF Ontology module is enabled. The vulnerability is a Cross-Site Scripting (XSS) in unspecified administration pages, allowing remote attackers to inject arbitrary s...
CVE-2014-7232
GE Healthcare Discovery XR656 and XR656 Plus devices are affected by a vulnerability due to default or hard-coded credentials (insite user: 2getin; xruser: 4$xray; root: #superxr). The ICS-CERT advisory enumerates affected products and states that successful exploitation could bypass authenticati...
OSF for Drupal - Critical - Multiple vulnerabilities - SA-CONTRIB-2015-134
The Open Semantic Framework OSF for Drupal is a middleware layer that allows structured data RDF and associated vocabularies ontologies to "drive" tailored tools and data displays within Drupal. The module is vulnerable to reflected Cross Site Scripting XSS because it did not sufficiently filter...
XTACACSD <= 4.1.2 report() Buffer Overflow
No description provided by source. $Id: xtacacsdreport.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Xtacacsd <= 4.1.2 - report Buffer Overflow
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
ESRI ArcGIS未明SQL注入漏洞
CVE ID:CVE-2013-7232 ArcGIS for Server软件平台让用户能够通过网络创建,管理和分发GIS服务,并以服务的形式支撑桌面软件应用,移动终端应用和网络地图应用等。 ArcGIS for Server存在未明SQL注入漏洞,允许远程攻击者利用漏洞提交特制的SQL查询,可操作或获取数据库数据。 漏洞与地图的输入有关。 0 ESRI ArcGIS for Server 10.2 厂商补丁: ESRI ----- 用户可参考如下厂商提供的安全公告获得补丁信息:...
CVE-2013-7232
Summary: CVE-2013-7232 is an SQL injection vulnerability in ESRI ArcGIS for Server up to version 10.2. The flaw allows remote attackers to execute arbitrary SQL commands via input to the map or feature service. Root cause involves unsanitized input being used in SQL queries exposed by the map/fea...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
"MySQL did not require privileges such as 'SELECT' for the source table in a 'CREATE TABLE LIKE' statement. An authenticated user could obtain sensitive information, such as the table structure. CVE-2007-3781 A flaw was discovered in MySQL that allowed an authenticated user to gain update...
XTACACSD <= 4.1.2 report Buffer Overflow
XTACACSD. CVE-2008-7232. Remote exploit for freebsd platform $Id: xtacacsdreport.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information o...
XTACACSD 4.1.2 Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'XTACACSD %q...
SLES9: Security update for MySQL
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mysql mysql-Max mysql-client mysql-devel mysql-shared For more information, please visit the referenced security advisories. More details may also be found b...
SLES9: Security update for MySQL
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mysql mysql-Max mysql-client mysql-devel mysql-shared For more information, please visit the referenced security advisories. More details may also be found b...
SuSE9 Security Update : MySQL (YOU Patch Number 12175)
The database server mySQL was updated to fix two security problems : - MySQL allowed local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are within the MySQL home data directory, which can poin...
CVE-2008-7232
CVE-2008-7232 describes a stack buffer overflow in XTACACSD
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
Ubuntu Update for Linux kernel vulnerabilities USN-588-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5881.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-588-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...