814 matches found
Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service
source: https://www.securityfocus.com/bid/24497/info Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input. An attacker may exploit this issue by enticing...
Apple Safari 3 for Windows - Document.Location Denial of Service
source: https://www.securityfocus.com/bid/24499/info Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input. An attacker may exploit this issue by enticing...
Microsoft Windows Win32 API Code Execution (MS07-035; CVE-2007-2219)
The Microsoft Win32 API (application programming interface) provides 32-bit services used by all Windows-based applications. A remote code execution vulnerability has been reported in the Microsoft Windows implementation of the Win32 API. A remote attacker could exploit this issue by convincing a user to visit...
US-CERT Technical Cyber Security Alert TA07-151A -- Mozilla Updates for Multiple Vulnerabilities
National Cyber Alert System Technical Cyber Security Alert TA07-151A Mozilla Updates for Multiple Vulnerabilities Original release date: May 31, 2007 Last revised: -- Source: US-CERT Systems Affected Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonk...
Media Technology Group CDPass ActiveX control stack buffer overflows
Overview The Media Technology Group CDPass ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Media Technology Group CDPass is software that provides bonus content for music CDs...
Symantec Norton Antivirus NAVOPTS.DLL ActiveX Control Remote Code Execution Vulnerability
Description Symantec Norton Antivirus ActiveX control is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successful exploits will allow attackers to execute arbitrary code in the context of th...
Mozilla Firefox 2.0.0.3 - Href Denial of Service
source: https://www.securityfocus.com/bid/23747/info Firefox is prone to a remote denial-of-service vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successful exploits can allow attackers to crash the affected browser,...
Second Sight Software ActiveGS ActiveX control stack buffer overflows
Overview The Second Sight Software ActiveGS ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Second Sight Software ActiveGS is an Apple IIGS emulator that is provided as an...
Second Sight Software ActiveMod ActiveX control stack buffer overflow
Overview The Second Sight Software ActiveMod ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Second Sight Software ActiveMod is a music player that is provided as an ActiveX control...
Preemptive Protection against Mozilla Firefox Cross Domain Scripting Vulnerability
A cross-domain vulnerability has been reported in Firefox and SeaMonkey, both Mozilla-based browsers. Mozilla SeaMonkey is a free, open source, cross-platform Internet suite. Mozilla Firefox is a popular cross-platform web browser. A remote attacker could exploit this vulnerability to compromi...
CVE-2007-0325
CVE-2007-0325 is a remote buffer overflow in Trend Micro OfficeScan’s Web-Deployment SetupINICtrl ActiveX control (OfficeScanSetupINI.dll, SetupINICtrl) used by OfficeScan Web deployment. The flaw affects OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client/Server/Messag...
Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control buffer overflows
Overview The Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control contains multiple buffer overflows, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Trend Micro OfficeScan comes with a web-based administration console that makes use...
Null pointer dereference
Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving...
Buffer overflow
Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WSFTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors...
Apple WebKit build 18794 - WebCore Remote Denial of Service
source: https://www.securityfocus.com/bid/22059/info Apple WebKit is prone to a denial-of-service vulnerability. Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the affected framework. Successful exploits will result in...
CVE-2006-6603
Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information...
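Apple Mac OS X 2006-007 Update Fixes Multiple Security Vulnerabilities
Mac OS X is the operating system used by Apple's family of computers. Apple Security Update 2006-007 fixes multiple security vulnerabilities in Mac OS X, including: CVE-2006-4396 The Apple Type Services server creates error log files insecurely, allowing a local attacker to overwrite or create files with system privileges. CVE-2006-4398 Multiple buffer overflow vulnerabilities exist in the Apple Type Services server. A local attacker can trigger these overflows by sending specially crafted service requests, resulting in a denial of service or execution of arbitrary instructions with system privileges. CVE-2006-4400 Apple Type...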
CVE-2006-3893
Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document...