CVE-2011-4576

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

CVE-2011-3406

Buffer overflow in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...

Buffer overflow

Buffer overflow in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...

PT-2011-4435 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Active Directory versions prior to the fixed version Active Directory Application Mode ADAM versions prior to the fixed version Active Directory Lightweight Directory Service AD LDS versions prior to the fixed version Microsoft Windows XP...

RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

[USN-1268-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1268-1 November 21, 2011 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

USN-1271-1 : linux-fsl-imx51 vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 It was discovered that the GRE protocol incorrectly handled netns...

USN-1271-1: Linux kernel (FSL-IMX51) vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 It was discovered that the GRE protocol incorrectly handled netns...

USN-1256-1: Linux kernel (Natty backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook

Exploit for windows platform in category remote exploits var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu...

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url:...

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

Oracle Hyperion Financial Management TList6 ActiveX Control Code Exec

Exploit for windows platform in category remote exploits Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url:...

Oracle Hyperion Financial Management Code Execution

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

CVE-2011-3878

Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization...

Race condition

Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization...

CVE-2011-3878

Removed by vendor...

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

Ubuntu 10.10 : linux vulnerabilities (USN-1201-1)

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

Fedora 16 : ecryptfs-utils-90-1.fc16 (2011-10671)

privilege escalation via mountpoint race conditions CVE-2011-1831, CVE-2011-1832 - race condition when checking source during mount CVE-2011-1833 - mtab corruption via improper handling CVE-2011-1834 - key poisoning via insecure temp directory handling CVE-2011-1835 - information disclosure via...