Lucene search
K

626 matches found

Symantec
Symantec
added 2010/10/12 12:0 a.m.40 views

Microsoft Internet Explorer Cross Domain CVE-2010-3330 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...

4.3CVSS8.7AI score0.22257EPSS
Exploits1Affected Software5
Symantec
Symantec
added 2010/10/12 12:0 a.m.18 views

Microsoft Internet Explorer Uninitialized Memory Word Document Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. The following versions of the...

0.2AI score
Exploits0Affected Software5
Symantec
Symantec
added 2010/10/12 12:0 a.m.14 views

Microsoft Internet Explorer Auto-Complete Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing Standard Avaya CallPilo...

6.5AI score
Exploits0Affected Software5
Symantec
Symantec
added 2010/10/12 12:0 a.m.24 views

Microsoft Windows Embedded OpenType Font Engine Integer Overflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType EOT font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attempts may trigger a denial-of-service conditio...

8AI score
Exploits0References1Affected Software11
Symantec
Symantec
added 2010/10/12 12:0 a.m.26 views

Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Exploits0References1Affected Software11
Symantec
Symantec
added 2010/10/12 12:0 a.m.23 views

Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability that affects the 'toStaticHTML' API. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura...

6.5AI score
Exploits0Affected Software8
Symantec
Symantec
added 2010/10/12 12:0 a.m.36 views

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2740 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

7.2CVSS0.01807EPSS
Exploits1Affected Software2
Symantec
Symantec
added 2010/10/12 12:0 a.m.18 views

Microsoft Windows Kernel 'Win32k.sys' Window Class Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Exploits0References2Affected Software11
Symantec
Symantec
added 2010/10/12 12:0 a.m.20 views

Microsoft Windows Common Control Library Remote Heap Buffer Overflow Vulnerability

Description Microsoft Windows Common Control Library is prone to a remote heap-based buffer-overflow vulnerability because the library fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted web...

7.9AI score
Exploits0References3Affected Software6
Symantec
Symantec
added 2010/10/12 12:0 a.m.15 views

Microsoft Internet Explorer Anchor Element Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing Standard Avaya CallPilo...

6.5AI score
Exploits0Affected Software5
Exploit DB
Exploit DB
added 2010/10/05 12:0 a.m.71 views

Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)

$Id: alcatelomnipcxmastercgiexec.rb 10556 2010-10-05 23:13:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS7AI score0.97407EPSS
Exploits8
Symantec
Symantec
added 2010/06/08 12:0 a.m.22 views

Microsoft Windows COM Object Validation Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Excel, PowerPoint, Publisher, Visio, Wordpad, or Word file. Successful exploits would allow the attacker to execute arbitrary code in the...

7.9AI score
Exploits0Affected Software19
Symantec
Symantec
added 2010/06/08 12:0 a.m.32 views

Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability

Description Microsoft Internet Explorer 8 Developer Tools 'iedvtool.dll' ActiveX control is prone to a remote code-execution vulnerability that stems from a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code in the context of the application, usually Internet...

8AI score
Exploits0References1Affected Software14
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.140 views

CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Arbitrary File Retrieval Release Date:...

4CVSS0.3AI score0.05479EPSS
Exploits1
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.220 views

CVE-2009-4509: TANDBERG VCS Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Authentication Bypass Release Date:...

10CVSS0.6AI score0.05479EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2010/04/14 12:0 a.m.48 views

TANDBERG Video Communication Server Static SSH Host Keys

The remote device appears to be a TANDBERG Video Communication Server VCS, an appliance supporting interoperation of video conferencing and unified communications devices. The fingerprint for the SSH service running on this device matches that of the host key distributed with some versions of the...

8.5CVSS7.3AI score0.02148EPSS
Exploits0References3
Prion
Prion
added 2010/04/13 5:30 p.m.19 views

Authentication flaw

The administrative web console on the TANDBERG Video Communication Server VCS before X4.3 uses predictable session cookies in 1 tandberg/web/lib/secure.php and 2 tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by...

10CVSS7.8AI score0.04533EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2010/04/13 5:0 p.m.43 views

CVE-2009-4510

The SSH service on the TANDBERG Video Communication Server VCS before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets...

7.4AI score0.02148EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/04/13 5:0 p.m.24 views

CVE-2010-1356

Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...

7.7AI score0.03254EPSS
Exploits0References1
CVE
CVE
added 2010/04/13 5:0 p.m.40 views

CVE-2010-1355

The CVE-2010-1355 entry concerns a Cross-site Scripting (XSS) vulnerability in the TANDBERG Video Communication Server (VCS) prior to X5.0. The connected sources confirm the affected product and that the vulnerability is XSS with unspecified vectors, allowing remote attackers to inject arbitrary ...

4.3CVSS5.9AI score0.00855EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder