CVE-2011-1199

Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...

CVE-2011-1199

Removed by vendor...

[SECURITY] Fedora 15 Update: pywebdav-0.9.4.1-1.fc15

WebDAV library for Python. WebDAV is an extension to the normal HTTP/1.1 protocol allowing the user to upload data, create collections of objects, store properties for objects, etc...

CVE-2011-0115

The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a...

Memory corruption during text run construction (Windows) — Mozilla

Alex Miller reported that when very long strings were constructed and inserted into an HTML document, the browser would incorrectly construct the layout objects used to display the text. Under such conditions an incorrect length would be calculated for a text run resulting in too small of a memor...

Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability

This host is installed with Microsoft Office Power Point and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-022.nasl OID:1.3.6.1.4.1.25623.1.0.902411. OpenVAS Vulnerability Test $Id: gbmspowerpointcodeexecvuln.nasl 6538 2017-07-05 11:38:27Z cfischer ...

CVE-2011-0980

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability."...

glibc security and bug fix update

2.12-1.7.el60.3 - Require suid bit on audit objects in privileged programs 645679, CVE-2010-3856 2.12-1.7.el60.2 - Never expand in privileged programs 643821 2.12-1.7.el60.1 - Fix bug in generic strstr/memmem implementation handling certain repeated patterns 643341 - Correctly align TCB for AVX...

(0Day) Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with t...

Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability

This host is installed with Internet Explorer and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-018.nasl OID:1.3.6.1.4.1.25623.1.0.900278. OpenVAS Vulnerability Test $Id: gbmsiereleaseinterfacecodeexecutionvuln.nasl 6526 2017-07-05 05:43:52Z cfische...

Zero day vulnerability begin in Windows MHTML renderer !

Microsoft has aloof appear aegis advising 2501696 acknowledging a fresh aught day blemish in all accepted versions of Windows except Server Core. The blemish appears to acquiesce maliciously crafted web pages to assassinate cipher in any "zone" behindhand of which area is specified. Any...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

DEBIAN-CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

Apache Struts2/XWork Remote Command Execution Vulnerability

This host is running Struts and is prone to remote command execution vulnerability. OpenVAS Vulnerability Test $Id: gbapachestrutsxworkcmdexecvuln.nasl 5263 2017-02-10 13:45:51Z teissa $ Apache Struts2/XWork Remote Command Execution Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010...

Memory corruption

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."...

CVE-2010-3812

Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cau...