975 matches found
Microsoft Windows XML Core Services XSLT Buffer Overrun Vulnerability
Description Microsoft Windows is prone to a remotely exploitable buffer-overrun condition in the XSLT implementation of XML core services. An attacker can exploit this issue to execute arbitrary code on an unsuspecting victim's computer. This may facilitate a remote compromise. Technologies...
LibXfont, monolithic X.org: Multiple integer overflows
Background libXfont is the X.Org Xfont library, some parts are based on the FreeType code base. Description Several integer overflows have been found in the CID font parser. Impact A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the...
Code injection
Cisco IOS XR, when configured for Multi Protocol Label Switching MPLS and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service Modular Services Cards MSC crash or "MPLS packet handling problems" via certain MPLS packets, as identified by Cisco bug IDs 1 CSCsd15970...
CVE-2006-1928
Cisco IOS XR, when configured for Multi Protocol Label Switching MPLS and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service Modular Services Cards MSC crash or "MPLS packet handling problems" via certain MPLS packets, as identified by Cisco bug IDs 1 CSCsd15970...
[Full-disclosure] Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities Advisory ID: cisco-sa-20060419-xr http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml Revision 1.0 For Public Release 2006 April 19 1500 UTC GMT -...
Microsoft Excel Malformed Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. This issue may be triggered when a Excel document with malformed record data is opened. Technologies Affected Avaya Modular Messaging MAS 3.0.0 Microsoft Excel 2000 Microsoft Excel 2000 SP2 Microsoft Excel 2000 SP3...
Microsoft Excel Malformed Parsing Format File Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. This issue may be triggered when a malformed Excel document is opened. Technologies Affected Avaya Modular Messaging MAS 3.0.0 Microsoft Excel 2000 Microsoft Excel 2000 SP2 Microsoft Excel 2000 SP3 Microsoft Excel 2000...
Microsoft Office Routing Slip Processing Remote Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote buffer-overflow vulnerability. This vulnerability occurs when the application handles a specially crafted document. A successful attack can result in a remote compromise in the context of an affected user. Update: This issue is known to be exploit...
Microsoft Excel Malformed Description Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. This issue may be triggered when an Excel document with malformed description data is opened. Technologies Affected Avaya Modular Messaging MAS 3.0.0 Microsoft Excel 2000 Microsoft Excel 2000 SP2 Microsoft Excel 2000 S...
Microsoft Internet Explorer WMF Image Parsing Memory Corruption Vulnerability
Description Microsoft Internet Explorer is affected by an WMF image-parsing memory-corruption vulnerability. This issue is allegedly due to an integer-overflow flaw that leads to corrupted heap memory. This problem presents itself when a user views a malicious WMF-formatted file containing...
Cross site scripting
Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2006-0109
Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2006-0109
Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2006-0109
The CVE-2006-0109 entry describes a Cross-site scripting vulnerability in Modular Merchant Shopping Cart, specifically in category.php where the cat parameter can be exploited to inject arbitrary web script or HTML. The vulnerability affects that product/component and arises from unsanitized inpu...
CVE-2005-4471
CVE-2005-4471 concerns the POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP4 and earlier. The vulnerability allows remote attackers to cause a denial-of-service (infinite loop) by sending crafted packets over the network. The available records explicitly identify the af...
Plexcor's(r) CMS XSS vuln.
Plexcor's® CMS XSS vuln. Vuln. discovered by : r0t Date: 21 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/plexcors-cms-xss-vuln.html vendor:http://www.plexcor.com/ affected version: 4.0 and prior Product Description: Integrated modular content, communications, calendar, commerce,...
[SA18204] Avaya Modular Messaging POP3 Denial of Service Vulnerability
TITLE: Avaya Modular Messaging POP3 Denial of Service Vulnerability SECUNIA ADVISORY ID: SA18204 VERIFY ADVISORY: http://secunia.com/advisories/18204/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote OPERATING SYSTEM: Avaya Modular Messaging 2.x http://secunia.com/product/4484/...
nodez.txt
Description: Nodez is a young, but strong, open source Content Manager. Nodez is designed to be as modular, stable and lightweight as possible version: Version 4.6.1.1 vendor: http://nodez.greentinted.com Vulnerability: cross site script sploit...
Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information disclosure vulnerability when using an authenticating proxy server for HTTPS communications. Exploitation of this issue could result in an attacker gaining a user's authentication credentials. This issue only exists when the...
CVE-2005-4176
AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory...