304 matches found

CERT
added 2004/10/13 12:00 a.m. · 51 views

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine (inseng.dll) permits cabinet files to be launched and executed...

CVSS 10 · AI score 7.4 · EPSS 0.54874
Exploits 0 · References 2

CERT
added 2004/10/13 12:00 a.m. · 28 views

Microsoft Windows kernel fails to reset values in CPU data structures

Overview A vulnerability in the Microsoft Windows kernel could allow an attacker to cause a denial-of-service condition. Description The Microsoft Windows kernel is responsible for handling processor resources and system services such as device and memory management. There is a vulnerability in t...

CVSS 2.1 · AI score 5.9 · EPSS 0.02948
Exploits 0 · References 4

CERT
added 2004/10/12 12:00 a.m. · 12 views

Macromedia JRun Server insecurely generates and handles JSESSIONIDs

Overview A vulnerability exists in Macromedia JRun that may allow an attacker to gain access to an authenticated user's session. Description Macromedia JRun is an application server that works with most popular web servers such as Apache and IIS. Macromedia states that JRun is deployed at over...

AI score 7.1
Exploits 0 · References 4

CERT
added 2004/09/17 12:00 a.m. · 91 views

Apache vulnerable to buffer overflow when expanding environment variables

Overview There is a buffer overflow vulnerability in the ap_resolve_env function of Apache that could allow a local user to gain elevated privileges. Description The Apache HTTP Server is a freely available web server that runs on a variety of operating systems including Unix, Linux, and Microsoft...

CVSS 7.8 · AI score 7.8 · EPSS 0.01387
Exploits 0 · References 5

CERT
added 2004/09/15 12:00 a.m. · 28 views

Microsoft Office WordPerfect 5.x Converter contains a buffer overflow vulnerability

Overview A buffer overflow vulnerability in the Microsoft Office WordPerfect 5.x Converter could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Office WordPerfect 5.x Converter allows users to convert documents in WordPerfect format to Microsof...

CVSS 7.5 · AI score 7.6 · EPSS 0.39525
Exploits 0 · References 7

CERT
added 2004/09/14 12:00 a.m. · 42 views

Microsoft Windows GDI+ contains a buffer overflow vulnerability in the JPEG parsing component

Overview A buffer overflow vulnerability in the Microsoft Windows GDI+ JPEG parsing component could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows Graphics Device Interface (GDI+) is an application programming interface (API) that provides...

CVSS 9.3 · AI score 7.4 · EPSS 0.7451
Exploits 0 · References 4

CERT
added 2004/09/01 12:00 a.m. · 17 views

Oracle Enterprise Manager contains several vulnerabilities

Overview Several vulnerabilities exist in the Oracle Enterprise Manager. According to the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have a valid operating system user account on the Enterprise Manager host. Description The Oracle Enterprise Manage...

AI score 7.2
Exploits 0 · References 4

securityvulns
added 2004/08/17 12:00 a.m. · 23 views

August 2004 Security Advisory

August 2004 Security Advisory August 12th, 2004 Background There is a path-sanitizing bug that affects daemon mode in all recent rsync versions including 2.6.2 but only if chroot is disabled. It does NOT affect the normal send/receive filenames that specify what files should be transferred this i...

AI score 2.1
Exploits 0

CERT
added 2004/07/30 12:00 a.m. · 32 views

Microsoft Internet Explorer contains an integer overflow in the processing of bitmap files

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer (IE) is a web browser. An integer overflow vulnerability has been discovered in the way that Internet Explorer processes...

CVSS 7.5 · AI score 7.6 · EPSS 0.45763
Exploits 1 · References 4

CERT
added 2004/07/14 12:00 a.m. · 24 views

Microsoft Windows HTML Help component fails to properly validate input data

Overview There is a vulnerability in the HTML Help component of Microsoft Windows that could allow an attacker to execute arbitrary code on an affected system. Description Microsoft HTML Help provides a standard help system for the Windows operating system. There is a vulnerability in the way...

CVSS 10 · AI score 6.9 · EPSS 0.50676
Exploits 0 · References 5

CERT
added 2004/06/09 12:00 a.m. · 24 views

Perl vulnerable to buffer overflow in win32_stat()

Overview A flaw in a standard function in some Perl distributions could allow an attacker to execute arbitrary code on the vulnerable system. Description The stat Perl function, similar to the standard C stat function, returns a list giving the status info for a file. Since the stat function is...

CVSS 10 · AI score 7.3 · EPSS 0.14668
Exploits 0 · References 1

CERT
added 2004/05/13 12:00 a.m. · 25 views

Multiple Symantec firewall products fail to properly process DNS response packets

Overview There is a vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service (DNS) response packet could allow an unauthenticated, remote attacker to cause a denial of service condition. Description Symantec offers a suite of corporat...

CVSS 2.6 · AI score 6.8 · EPSS 0.34322
Exploits 0 · References 3

Positive Technologies
added 2004/04/16 12:00 a.m. · 2 views

PT-2004-1176 · Microsoft · Windows Xp

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP version SP1 Description: The issue concerns the Help and Support Center in Microsoft Windows XP, which fails to properly validate HCP URLs. This allows remote attackers to execute arbitrary code by using quotation marks i...

CVSS 5.1 · AI score 7.4 · EPSS 0.3377
Exploits 0 · References 12

CERT
added 2004/03/31 12:00 a.m. · 18 views

Sun Solaris contains a vulnerability in the tcsetattr() library function

Overview A vulnerability in the Sun Solaris tcsetattr library function could allow an unprivileged local user to cause the system to hang. Description Sun Solaris uses a tcsetattr library function to set the parameters associated with the terminal. There is an unspecified vulnerability in the...

AI score 6.4
Exploits 0 · References 2

CERT
added 2004/03/23 12:00 a.m. · 28 views

util-linux login program discloses sensitive information

Overview util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information. Description util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, su...

CVSS 5 · AI score 6 · EPSS 0.02928
Exploits 0 · References 3

CERT
added 2004/03/22 12:00 a.m. · 32 views

Oracle Application Server Web Cache contains heap overflow vulnerability

Overview Oracle Application Server Web Cache contains a heap overflow vulnerability in the handling of client requests that could result in arbitrary code execution. Description The Oracle Web Cache acts as a reverse proxy, caching static and dynamic content generated from Oracle Application web...

CVSS 10 · AI score 7.4 · EPSS 0.44246
Exploits 0 · References 7

CERT
added 2004/03/15 12:00 a.m. · 32 views

Apple Mac OS X "cd9660.util" buffer overflow

Overview A component utility in Apple's Mac OS X operating system suffers from a buffer overflow vulnerability in its handling of command-line arguments. This vulnerability could allow a local attacker to gain elevated privileges on the vulnerable system. Description Apple's Mac OS X operating...

CVSS 7.2 · AI score 6.9 · EPSS 0.00395
Exploits 1 · References 1

CERT
added 2004/03/04 12:00 a.m. · 37 views

FreeBSD fails to limit number of TCP segments held in reassembly queue

Overview FreeBSD fails to limit the number of TCP segments held in a reassembly queue which could allow an attacker to exhaust all available memory buffers (mbufs) on the destination system resulting in a denial-of-service condition. Description The Transmission Control Protocol (TCP) is part of the...

CVSS 5 · AI score 5.9 · EPSS 0.01149
Exploits 0 · References 4

CERT
added 2004/02/25 12:00 a.m. · 20 views

Apple Mac OS X Safari fails to properly display URLs in the status bar

Overview Apple Mac OS X Safari fails to properly display URLs in the status bar. Description Safari is a web browser for the Macintosh platform. There is an unspecified vulnerability in the way Safari displays URLs in the status bar. --- Impact The complete impact of this vulnerability is not yet...

CVSS 5 · AI score 5.9 · EPSS 0.00645
Exploits 0 · References 2

CERT
added 2004/01/26 12:00 a.m. · 10 views

Sun Solaris allows unprivileged local user to load arbitrary kernel modules

Overview Sun Solaris allows an unprivileged local user to load arbitrary kernel modules. Description Sun Solaris supports loadable kernel modules (LKMs). LKMs are pieces of code that can be dynamically loaded and unloaded into the kernel. Sun Solaris contains a vulnerability that could allow an...

AI score 7.1
Exploits 0 · References 3