Lucene search

472 matches found

ThreatPost
added 2010/08/31 1:55 p.m. · 10 views

Do You Know What Your Database Users Are Doing?

In our last column, we focused on privilege escalation attacks, and the impact that this category of SQL injection attacks can have on the database – particularly where specific database vulnerabilities exist, and can be exploited through the manipulation of privileges. Let’s look more deeply at...

0.6 AI score
Exploits: 0 · References: 3

ThreatPost
added 2010/07/27 5:52 p.m. · 17 views

Escalating Privileges In the Database Can Wreak Havoc

Privilege escalation attacks consist of exploiting a bug or design flaw in a software application to gain access to resources which normally are protected from an application or user. The result is that the application allows actions with privileges beyond an acceptable level for the specific use...

1.3 AI score
Exploits: 0

Symantec
added 2009/06/12 8:0 a.m. · 22 views

Specifically Crafted Archive/Container Files can Bypass Initial Scans

SUMMARY Specifically-crafted archive and container files can potentially bypass initial malware scans in some products. AFFECTED PRODUCTS Products --- Symantec Mail Security for Domino Symantec Mail Security for Microsoft Exchange Symantec Mail Security for SMTP Symantec Brightmail Gateway Symant...

0.1 AI score
Exploits: 0 · Affected Software: 1

RedHat Linux
added 2008/11/04 10:11 a.m. · 2 views

kernel: splice: fix bad unlock_page() in error case

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as...

5.5 CVSS · 6.1 AI score · 0.00616 EPSS
Exploits: 1 · References: 4

Positive Technologies
added 2007/10/29 12:0 a.m. · 4 views

PT-2007-6681 · Digium · Asterisk Zaptel

Name of the Vulnerable Software and Affected Versions: Asterisk Zaptel version 1.4.5.1. Description: The issue is related to a buffer overflow in the sethdlc.c file, potentially allowing local users to gain privileges via a long device name in the ifr_name field. However, the vendor disputes this,...

4.6 CVSS · 7.1 AI score · 0.00355 EPSS
Exploits: 0 · References: 10

securityvulns
added 2006/10/26 12:0 a.m. · 42 views

Modify Data via Inline Views

Name Modify Data via Inline Views 8107967 DB09 Systems Affected Oracle 9i - 10g Rel. 2 Severity High Risk Category Unauthorized Access Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 October 2006 V 1.00 Advisory...

1.3 AI score
Exploits: 0

CERT
added 2006/04/12 12:0 a.m. · 28 views

SunnComm MediaMax privilege elevation vulnerability

Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...

4.6 CVSS · 7.1 AI score · 0.00468 EPSS
Exploits: 1 · References: 7

Symantec
added 2003/11/11 12:0 a.m. · 16 views

Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability

Description A vulnerability exists in Internet Explorer when handling specific DHTML events, allowing a malicious Web page to intercept mouse click events to perform unintended drag and drop operations. In particular, it is possible to simulate a mouse drag and drop event through use of the moveB...

Exploits: 0 · References: 2 · Affected Software: 1

Symantec
added 2003/06/15 12:0 a.m. · 16 views

PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability

Description It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands. Technologies Affected PMachine PMachine 2.2.1 Recommendations Block external access at the network boundary, unles...

1.3 AI score
Exploits: 0 · Affected Software: 1

CERT
added 2003/02/18 12:0 a.m. · 20 views

Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"

Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 The buffer overflow exists in a...

8.3 AI score
Exploits: 0 · References: 3

CERT
added 2003/02/18 12:0 a.m. · 13 views

Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function

Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...

8 AI score
Exploits: 0 · References: 3

securityvulns
added 2000/12/22 12:0 a.m. · 133 views

Sample SecurID Token Emulator with Token Secret Import

Sample SecurID Token Emulator with Token Secret Import We have performed some cryptoanalysis and let's just say we do have grounds to believe that this algorithm is easily breakable. Once again, security of the cipher should be based entirely on the secrecy of the key, not the algorithm. Least...

0.2 AI score
Exploits: 0