7726 matches found
Null pointer dereference
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown...
Cross site scripting
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary w...
CVE-2010-2103
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary w...
CVE-2010-2103
CVE-2010-2103: Apache Axis2/Java Axis2 administration console (axis2-admin/engagingglobally) is vulnerable to cross-site scripting via the modules parameter. Affected: Axis2/Java 1.4.1, 1.5.1 (and possibly other versions) used in SAP Business Objects 12, 3Com IMC, etc. The vulnerability is due to...
ProCheckUp Security Advisory 2010.3
PR10-03: Authenticated XSS within the Apache Axis2 administration console Vulnerability found: 30th January 2010 Vendor informed: 1st February 2010 Vulnerability fixed: Severity: Medium Description: Axis2 is a web services/SOAP/WSDL engine, widely used within many commercial products. Procheckup h...
CVE-2010-1283
Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record...
Internet Explorer DHTML Objects Memory Corruption (MS07-069; CVE-2007-5347)
Microsoft Internet Explorer (IE) is a web browser application that is capable of rendering both static and dynamic web content. The application is primarily used for tasks related to web browsing, such as displaying HTML encoded pages, downloading files, etc. A memory corruption vulnerability exist...
VulnCheck KEV: CVE-2009-0075
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption...
OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...
[DSecRG-09-053] VMware Remote Console - format string
Digital Security Research Group DSecRG Advisory DSECRG-09-053 Application: VMware Remote Console Version: e.x.p build-158248 Vendor URL: http://vmware.com Bugs: Format String Vulnerabilities Exploits: YES PoC Reported: 07.08.2009 Vendor response: 13.08.2009 Date of Public Advisory: 09.04.2010 CVE...
VMware Remote Console e.x.p build-158248 - format string vulnerability
Exploit for multiple platform in category dos / poc. VMware Remote Console e.x.p build-158248 - format string vulnerability. Digital Security Research Group...
Ubuntu Update for openjdk-6 vulnerabilities USN-923-1
Ubuntu Update for Linux kernel vulnerabilities USN-923-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9231.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for openjdk-6 vulnerabilities USN-923-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
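Microsoft IE HTML Rendering Remote Code Execution Vulnerability (MS10-018)
BUGTRAQ ID: 39024 CVE ID: CVE-2010-0807 Internet Explorer is the web browser bundled by default with the Windows operating system. A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has been deleted. An attacker can exploit this vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability may allow remote code execution. An attacker who successfully exploits this vulnerability can gain the same user rights as the logged-on user. Microsoft Internet Explorer 7.0 Workarounds: Disable ActiveX controls in Office 2007. Do not open unexpected files. Vendor patch: Microsoft...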
CVE-2010-1233
Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects...
Integer overflow
Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects...
Deserialization of untrusted data
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...
PT-2010-2536 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 7 Description: The issue arises from improper handling of objects in memory, allowing remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption. A remote code...
Microsoft Data Access Components ActiveX Data Objects Memory Corruption Vulnerability
Description Microsoft Data Access Components are prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...