Layton Helpbox 4.4.0 Password Disclosure
Layton Helpbox 4.4.0 Password Disclosure Vulnerability by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to a password disclosure vulnerability in an error page. CVE number: CVE-2012-4976 Impact: High Vendor homepage: http://www.laytontechnology.com Vendor...
CVE-2011-4741
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by client@2/domain@1/hosting/aspdotnet/...
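Oracle Hyperion Enterprise Performance Management arsqls24.dll Buffer Overflow Vulnerability
Oracle Hyperion Enterprise Performance Management is performance management software. Its implementation contains a security vulnerability that malicious users can exploit to take control of a user's system. A boundary error exists in arsqls24.dll when it parses database connection strings. Enticing a user to open a specially crafted Hyperion Interactive Reporting Studio .oce file causes a stack buffer overflow. Oracle Hyperion Enterprise Performance Management EPM 11.x Vendor patch:...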
Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overf
No description provided by source. Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability tested against: Microsoft Windows 2k3 r2 sp2 Oracle Hyperion Performance Management and BI v11.1.2.1.0 download url of the Oracle Hyperion suite...
CVE-2008-4693
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."...
Details about the hlfreeze/hl-headnut/csdos bugs
Title: Details about the hlfreeze/hl-headnut/csdos bugs Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org This short text is an idea I have had during the patching of the so-called csdos.pl bug, since there were a lot of things unclear. I will try to be as clear as I can... but...
CVE-2006-0734
The SVCheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015...
CVE-2003-0407
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string...