Adobe Flash Player Buffer Overflow (APSB15-04: CVE-2015-0324)

A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a buffer overflow while handling specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

MGASA-2014-0465 Updated srtp package fixes security vulnerability

Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol SRTP, in how the cryptopolicysetfromprofileforrtp function applies cryptographic profiles to an srtppolicy. A remote attacker could...

Server: Session Fixation

Due to authenticating a user without invalidating any existing session identifier an attacker has the opportunity to steal authenticated sessions. A successful exploit requires that PHP is configured to accept session parameters via GET. For more information please consult the official advisory...

Simple one-file gallery gallery.php f Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22700/info Simple one-file gallery is prone to multiple input-validation vulnerabilities, including a local file-include issue and a cross-site scripting issue. An attacker can exploit these issues to steal cookie-based...

Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)

A denial of service condition has been reported in Digium Asterisk. The vulnerability is due to file descriptor exhaustion from a large number of invalid SIP INVITE requests. A remote attacker can exploit this vulnerability to cause a denial of service condition...

Adobe Flash Player Same Origin Security Bypass (APSB14-08; CVE-2014-0503)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the way Adobe Flash Player handles URLs within HTML files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted HTML file...

Adobe Flash Player Memory Corruption (APSB13-26; CVE-2013-5330)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

Basilic diff.php Arbitrary Command Execution (CVE-2012-3399)

The vulnerability is due to lack of input verification in the affected function A remote attacker can exploit this issue by sending a specially crafted script to the target. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands as the www-data...

AIX 5.3 TL 0 : at (IZ43453)

The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following file is vulnerable : /usr/bin/at. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the...

MySQLDumper 1.24.4 - 'sql.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multiple cross-site request-forgery vulnerabilities. 4. Multiple...

Ubuntu Update for linux-lts-backport-natty USN-1337-1

Ubuntu Update for Linux kernel vulnerabilities USN-1337-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13371.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-lts-backport-natty USN-1337-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...

PSF-2010-6 smtpd accept bug and race condition

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to condu...

CVE-2010-0793

Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted CC: header...

Microsoft Office Project Memory Validation Remote Code Execution (MS09-074; CVE-2009-0102)

Microsoft Project is a project management software program designed to assist project managers to stay informed, keep project teams aligned, increase productivity and control project work, schedules, and finances. A remote code execution vulnerability has been identified in the way Microsoft...

VMware Products Guest Privilege Escalation Vulnerability - Nov09 (Windows)

The host is installed with VMWare products and is prone to Privilege Escalation vulnerability. OpenVAS Vulnerability Test $Id: gbvmwareprdtsprivescvulnnov09win.nasl 4906 2017-01-02 13:06:55Z teissa $ VMware Products Guest Privilege Escalation Vulnerability - Nov09 Windows Authors: Sharath S...

MagpieRSS 0.72 - Cross-Site Scripting HTML Injection

MagpieRSS 0.72 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/34891/info MagpieRSS is prone to multiple cross-site scripting issues and an HTML-injection issue because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code...

eCryptfs工具ecryptfs-setup-private口令泄露漏洞

BUGTRAQ ID: 31906 eCryptfs是Linux平台下的企业级加密文件系统。 eCryptfs工具的ecryptfs-setup-private程序在通过命令行调用ecryptfs-wrap-passphrase和ecryptfs-add-passphrase程序时，命令行参数包含有用户的已有登录口令和新创建的口令。本地攻击者可以在进程表中查看到这些口令。 eCryptfs eCryptfs -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://ecryptfs.sourceforge.net/...

Microsoft Word Could Allow Remote Code Execution Vulnerability

This host is installed with Microsoft Office with MS Word, which is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodmswordcodeexecvuln900006.nasl 6519 2017-07-04 14:08:14Z cfischer $ Description: Microsoft Word Could Allow Remote Code Execution Vulnerability...

Web Server Generic 3xx Redirect

The remote web server is configured to redirect users using a HTTP 302, 303 or 307 response. However, the server can redirect to a domain that includes components included in the original request. A remote attacker could exploit this by crafting a URL which appears to resolve to the remote server...

activekb-cookie.txt

--==+================================================================================+==-- --==+ ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 1...