5849 matches found
Mandrake Security Advisory MDVSA-2009:161-1 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161-1. OpenVAS Vulnerability Test $Id: mdksa20091611.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:161-1 squid Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft...
Microsoft Windows AVI File Data Validation Integer Overflow (MS09-038; CVE-2009-1546)
Audio Video Interleave (AVI) is a special case of Resource Interchange File Format (RIFF). This file type is used with applications that capture, edit, and play back audio-video sequences. The vulnerability is due to an error in the Windows component responsible for processing AVI files that does not...
Mandrake Security Advisory MDVSA-2009:161 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161. OpenVAS Vulnerability Test $Id: mdksa2009161.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:161 squid Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:161 (squid)
The remote host is missing an update to squid announced via advisory MDVSA-2009:161. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
squid -- several remote denial of service vulnerabilities
Squid security advisory 2009:2 reports: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when...
Mandriva Linux Security Advisory : mysql (MDVSA-2008:149)
Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user wit...
PGP Desktop Local Denial of Service Vulnerability
PGP Desktop is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Yxbbs3.0 two injection vulnerabilities
Posted: Xiaoqiang Affected version: Yxbbs3.0 Vulnerability description: During user registration, yxbbs checks in real time whether the user name already exists and whether it is legitimate; however, when the server side performs this check, the user-submitted data validation is not...
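Trend Micro Internet Security tmactmon.sys Driver Local Privilege Escalation Vulnerability
BUGTRAQ ID: 34304 CVE(CAN) ID: CVE-2009-0686 Trend Micro Internet Security is a network security product suited to protecting multiple computers for home users. The IOCTL handler of the Internet Security tmactmon.sys driver uses the METHOD_NEITHER communication method for IOCTL calls but does not properly validate the buffer data associated with the Irp object, which allows local users to gain SYSTEM privileges. Trend Micro Internet Security Pro 2009 Trend Micro Internet Security Pro 2008 Trend Micro Intern...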
phpads 2.0 - Multiple Vulnerabilities
Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser at...
Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Win
Mozilla Firefox browser is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Silentum Uploader 1.4.0 File Deletion
Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we can alter the path of files to be...
Silentum Uploader 1.4.0 - Remote File Deletion
Silentum Uploader 1.4.0 - Remote File Deletion Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-si...
MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin)
No description provided by source. Hi, I have just uploaded a k-plugin for Kartoffel, which exploits a flaw patched in the recent MS08-066 bulletin. http://kartoffel.reversemode.com/downloads.php backup: http://milw0rm.com/sploits/2008-afdplugin.zip For those researchers interested in digging a...
CVE-2008-3477
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to...
FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc ADV FreeBSD-SA-06:18.ppp.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
FreeBSD Security Advisory (FreeBSD-SA-05:07.ldt.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:07.ldt.asc ADV FreeBSD-SA-05:07.ldt.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
MS Jet Database (msjet40.dll) DB File Buffer Overflow Exploit
No description provided by source. / -------------------------------------- Microsoft Jet msjet40.dll Exploit -------------------------------------- Author: ---------- S.Pearson Computer Terrorism UK www.computerterrorism.com 11/04/2005 Credits: ---------- Hexview original advisory Tested on:...
Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1608-1. OpenVAS Vulnerability Test $Id: deb16081.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1608-1 mysql-dfsg-5.0 Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Sof...
Microsoft Outlook Web Access Data Validation Cross Site Scripting (MS08-039; CVE-2008-2247)
Outlook Web Access (OWA) is a webmail service of Microsoft Exchange Server 5.0 and later. The web interface of OWA resembles the interface in Microsoft Outlook. A cross-site scripting vulnerability has been detected in Outlook Web Access. The vulnerability is a result of OWA's failure to properly...