CVE-2006-5559

The CVE-2006-5559 issue affects MDAC’s ADODB.Connection ActiveX control (versions 2.5 SP3, 2.7 SP1, 2.8, 2.8 SP1). The Execute/NextRecordset path can trigger memory corruption when the second argument is a BSTR, enabling remote code execution or an Internet Explorer crash via specially crafted in...

CVE-2006-5559

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects ADODB.Connection.2.7 and ADODB.Connection.2.8 in the Microsoft Data Access Components MDAC 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote...

Supported SmartDefense and Web Intelligence Protections for VPN-1 VSX NGX Gateways

VPN-1 VSX provides a set of virtual components acting as real network devices such as Firewall gateways, routers, switches, and network cables. Using these virtual components, network topologies are created that are functionally equivalent to networks built with physical devices. Each Virtual...

CVE-2006-4553

PHP remote file inclusion vulnerability in plugin.class.php in the comcomprofiler Components 1.0 RC2 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-4553

PHP remote file inclusion vulnerability in plugin.class.php in the comcomprofiler Components 1.0 RC2 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-4553

The CVE-2006-4553 entry describes a PHP remote file inclusion in com_comprofiler Components 1.0 RC2 for Mambo/Joomla!, exploitable via the mosConfig_absolute_path parameter to execute arbitrary PHP code. The affected software is a Mambo/Joomla! integration component (com_comprofiler Components 1....

contxtd.txt

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Components ContXTD Attack method: Remote File Inclusion Source: ensure this file is being included by a parent file / defined 'VALIDMOS' or die 'Direct Access to this location is not...

[SECURITY] [DSA 1153-1] New ClamAV packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1153-1 [email protected] http://www.debian.org/security/ Martin Schulze August 18th, 2006 http://www.debian.org/security/faq -...

CVE-2006-3977

Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."...

[SECURITY] [DSA 1142-1] New freeciv packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1142-1 [email protected] http://www.debian.org/security/ Martin Schulze August 4th, 2006 http://www.debian.org/security/faq -...

Beware of being black with caution eWebEditor online editor-vulnerability warning-the black bar safety net

Network popular the website is news, forums, e-Mall as well as the blog. These systems will be required to have set the text size, color and insert images and other functions, so on the network there is a corresponding third-party functional components to complete the corresponding function, such...

Mambo Component Mam-Moodle alpha - Remote File Inclusion

Mambo Component Mam-Moodle alpha - Remote File Inclusion Mam - Moodle Remote File Include ------------------------------------------------------------------------------------ Bug Found by: jank0 greetz: hackbsd crew risk: dangerous this bug allows a remote atacker to execute commands via rfi path...

[SECURITY] [DSA 1110-1] New samba packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1110-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 16th, 2006 http://www.debian.org/security/faq -...

TIBCO Rendezvous daemon components contain a buffer overflow in the HTTP administrative interface

Overview A vulnerability in the TIBCO Rendezvous daemon components may allow a remote attacker to execute arbitrary code on an affected system. Description TIBCO Rendezvous is a distributed messaging software platform. A buffer overflow vulnerability has been discovered in the HTTP administrative...

[SECURITY] [DSA 1080-1] New dovecot packages fix directory traversal

-------------------------------------------------------------------------- Debian Security Advisory DSA 1080-1 [email protected] http://www.debian.org/security/ Steve Kemp May 29th, 2006 http://www.debian.org/security/faq -...

Design/Logic Flaw

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects ADO and distributed in Microsoft Data Access Components MDAC 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors...

CVE-2006-0003

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects ADO and distributed in Microsoft Data Access Components MDAC 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors...

Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability

Description The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page. Technologies Affected Hitachi DA Broker for ODBC 01-00 Hitachi DA Broker for ODBC 01-...

Microsoft Security Bulletin MS06-014 Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)

Microsoft Security Bulletin MS06-014 Vulnerability in the Microsoft Data Access Components MDAC Function Could Allow Code Execution 911562 Published: April 11, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Executi...

[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...