8653 matches found
Tyger Bug Tracking System Multiple Vulnerability
ADVISORY: Tyger Bug Tracking System. Author: CorryL [email protected]. Application: Tyger Bug Tracking System. Version: 1.1.3. Vendor's URL: http://uk.homeunix.org/tyger/cms/. Platform:...
GLSA-200702-08 : AMD64 x86 emulation Sun's J2SE Development Kit: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200702-08 (AMD64 x86 emulation Sun's J2SE Development Kit: Multiple vulnerabilities). Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin ha...
security flaw
Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...
security flaw
Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...
security flaw
Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 5 and earlier, Java System Development Kit SDK and JRE 1.4.210 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...
security flaw
Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 6 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...
SOL7053 - BIND 9 vulnerabilities - Dereferencing freed fetch context and DNSSEC Validation
This Solution describes vulnerability issues reported in BIND where a remote user can cause denial of service conditions by sending specifically crafted packets to the BIND server. The dereferencing freed fetch context issue results from an issue where the named daemon dereferences a freed fetch...
security flaw
Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 5 and earlier, Java System Development Kit SDK and JRE 1.4.210 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...
security flaw
Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...
security flaw
Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...
security flaw
Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 6 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...
Sun JDK/JRE: Multiple vulnerabilities
Background: The Sun Java Development Kit (JDK) and the Sun Java Runtime Environment (JRE) provide the Sun Java platform. Description: Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an...
ebp2x-rfi.txt
Easy Banner Pro Version 2. = Remote File Inclusion. Affected Software: Easy Banner Pro Version. Vendor: http://www.phpwebscripts.com...
Kerberos administration daemon may free uninitialized pointers
Overview: A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Description: The MIT krb5 administration daemon...
SOL6924 - Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists
It is possible to bypass the Deny list, configured in the Accessibility Scope section located on the Portal Access: Web Applications: Master Group Settings page, by inserting certain special characters into a URL path. In FirePass version 6.0, this issue also applies to the Deny list configured...
SOL6922 - Decimal-encoded IP address circumvents Accessibility Scope
It is possible to bypass the Deny list configured in the Accessibility Scope section of the Portal Access: Web Applications: Master Group Settings page using a URL with a decimal-encoded IP address. When you log in to the FirePass Webtop, you can enter a URL into the Webtop Address Bar if the...
SOL6920 - Cross-site scripting vulnerabilities
Multiple cross-site scripting XSS vulnerabilities exist in the FirePass Administrative Console pages. The affected FirePass URLs fail to fully sanitize certain URL arguments before the requested web page content is returned to the browser. It is possible for an attacker to create web pages, email...
RFC2196
Network Working Group. B. Fraser, Editor (SEI/CMU). Request for Comments: 2196. FYI: 8. Obsoletes: 1244. September 1997. Category: Informational. Site Security Handbook. Status of this Memo: This memo provides information for the Internet community. It does not specify an Internet standard of any kind...
CVE-2006-6745
Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...
CVE-2006-6731
Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...