6680 matches found
New Cridex Banking Trojan Variant Surfaces with Self-Spreading Functionality
In an effort to infect a large number of people, cybercriminals have developed a new malicious software program that contains functionality to spread itself quickly. Geodo, a new version of the infamous Cridex (also known as Feodo or Bugat) banking information-stealing Trojan, works in conjunction wit...
Mitsubishi Electric GB-50A - Multiple Remote Authentication Bypass Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28406/info The Mitsubishi Electric GB-50A is prone to multiple authentication-bypass vulnerabilities. Successful exploits will allow unauthorized attackers to gain access to administrative functionality and completely...
LEADTOOLS ActiveX Common Dialogs 16.5 - Multiple Vulnerabilities
No description provided by source. LEADTOOLS ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities Vendor: LEAD Technologies, Inc. Product Web Page: http://www.leadtools.com Affected version: 16.5.0.2 Summary: With LEADTOOLS you can control any scanner, digital camera or capture card that h...
Gamespy Software Development Kit CD-Key Validation Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11881/info It has been reported that the GameSpy SDK is prone to a buffer overflow vulnerability in its CD-key validation functionality. This issue is due to a failure of the SDK to properly check the length of...
Microsoft Foundation Class Library 7.0 ISAPI Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5188/info The Microsoft Foundation Class Library is a library used to develop applications for Microsoft Windows. Some versions of the MFC include an ISAPI class, which can be used to construct applications which extend w...
Simple PHP Blog <= 0.4.0 - Remote Command Execution
No description provided by source. $Id: sphpblogfileupload.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
WP-Footnotes 2.2 WordPress Plugin Multiple Remote Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27572/info WP-Footnotes plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. The plugin also insecurely exposes...
sFileManager <= v.24a Local File Inclusion Vulnerability
No description provided by source. sFileManager = v.24a / Local File Inclusion Vulnerability $ Program: sFileManager $ Version: = v.24a $ File affected: fm.php $ Download:...
Microsoft Windows NT 4/2000 NetBIOS Name Conflict Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not attempt to use that...
Microsoft Windows Media Player 11 ScriptCommand Multiple Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/35335/info Microsoft Windows Media Player is prone to multiple information-disclosure vulnerabilities because it fails to properly restrict access to certain functionality when handling media files. An attacker can exploi...
Belchior Foundry VCard 2.8 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9910/info It has been reported that vCard is prone to a remote authentication bypass vulnerability. This issue is due to a design error that would allow a malicious user access to certain admin functionality without havin...
Novell Groupwise Internet Agent Stack Overflow
No description provided by source. Application: Novell Groupwise Internet Agent Stack Overflow Platforms: Windows, Linux, Netware GroupWise 7.0, 7.01, 7.02, 7.03x, 7.04, 8.0, 8.01x Exploitation: Remote code execution CVE Number: Novell TID: 7006374 Author: Francis Provencher Protek Research Lab's...
Solaris 8 libsldap Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...
MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. ...
Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...
iCal 3.7 - Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6506/info A buffer overflow vulnerability has been reported for iCal. The vulnerability occurs when the iCal web server receives an overly long HTTP request. This will cause iCal to crash and result in a denial of service...
McAfee Asset Manager 6.6 - Multiple Vulnerabilities
No description provided by source. Cloud SSO is vuln to unauthed XSS in the authentication audit form: https://twitter.com/BrandonPrry/status/445969380656943104 McAfee Asset Manager v6.6 multiple vulnerabilities http://www.mcafee.com/us/products/asset-manager.aspx Authenticated arbitrary file rea...
[SECURITY] Fedora 20 Update: gnupg2-2.0.24-1.fc20
GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described...
Cmseasy SQL Injection Vulnerability 2
Brief description: Injection.. unrestricted. Detailed description: frontclass.php restricts username but forgot the \ escape character ifpregmatch'/'|"/', $POST'username' || pregmatch'/'|"/', $GET'username' || pregmatch'/'|"/', $COOKIE'loginusername' exit'非法参数'; First, look at registration, useract.php line 289: function registeraction iffront::post'submit' if!config::get'regon'...
Wireless Network Watcher - Show who is connected to your wireless network
Wireless Network Watcher is a small utility that scans your wireless network and displays the list of all computers and devices that are currently connected to your network. For every computer or device that is connected to your network, the following information is displayed: IP address, MAC...