7725 matches found

NVD
added 2006/11/29 5:28 p.m., 13 views

CVE-2006-4099

Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...

7.5 CVSS, 6.7 AI score, 0.01714 EPSS
Exploits: 0, References: 7
Cvelist
added 2006/11/29 5:0 p.m., 19 views

CVE-2006-4099

Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...

6.7 AI score, 0.01714 EPSS
Exploits: 0, References: 7
CVE
added 2006/11/29 5:0 p.m., 40 views

CVE-2006-4099

CVE-2006-4099 concerns Business Objects Crystal Enterprise 9 and 10, where the system generates predictable session identifiers, allowing remote attackers to hijack other users’ sessions through the WCSID cookie. The connected documents confirm the vulnerable component and the impact (session hij...

7.5 CVSS, 7.1 AI score, 0.01714 EPSS
Exploits: 0, References: 7, Affected Software: 1
seebug.org
added 2006/11/29 12:0 a.m., 26 views

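Crystal Reports .RPT File Handling Stack Overflow Vulnerability

Crystal Reports is a reporting toolkit that lets users quickly create flexible, feature-rich reports and integrate them into Web and Windows applications. Crystal Reports XI Professional has a stack overflow vulnerability when processing malformed .RPT files; an attacker could exploit this vulnerability to execute arbitrary instructions on the machine by tricking a user into opening a malicious file. Business Objects Crystal Reports XI Professional The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://www.businessobjects.com...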

7.1 AI score
Exploits: 0
seebug.org
added 2006/11/28 12:0 a.m., 12 views

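Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability

Business Objects Crystal Reports XI Professional is the professional edition of the Crystal Reports series. Business Objects Crystal Reports XI Professional has a problem handling .RPT files; remote attackers can exploit the vulnerability to carry out a buffer overflow attack and possibly execute arbitrary instructions with the privileges of the process. No detailed vulnerability information is currently available. Business Objects Crystal Reports XI Professional http://www.businessobjects.com/...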

7.1 AI score
Exploits: 0
exploitpack
added 2006/11/23 12:0 a.m., 22 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied...

7.4 AI score
Exploits: 0
Exploit DB
added 2006/11/23 12:0 a.m., 18 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. An attacker may...

7.4 AI score
Exploits: 0
Positive Technologies
added 2006/11/21 12:0 a.m., 6 views

PT-2006-6664 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 2.0.5 Description: The issue allows remote authenticated users to cause a denial of service, resulting in an application crash. This occurs when a string representation of a serialized object is not properly stored...

6.5 CVSS, 6.8 AI score, 0.0226 EPSS
Exploits: 0, References: 8
Tenable Nessus
added 2006/11/20 12:0 a.m., 30 views

GLSA-200611-10 : WordPress: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200611-10 WordPress: Multiple vulnerabilities 'random' discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. 'adapter' found out that user-edit.php fails to...

6 CVSS, 5.6 AI score, 0.03432 EPSS
Exploits: 0, References: 4
Gentoo Linux
added 2006/11/17 12:0 a.m., 28 views

WordPress: Multiple vulnerabilities

Background: WordPress is a PHP and MySQL based multiuser blogging system. Description: "random" discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. "adapter" found out that user-edit.php fails to effectively deny non-permitted user...

6 CVSS, 6.3 AI score, 0.03432 EPSS
Exploits: 0
Check Point Advisories
added 2006/10/11 12:0 a.m., 11 views

Update Protection against Microsoft Internet Explorer Memory Corruption Vulnerabilities (MS06-042)

Microsoft Internet Explorer is prone to multiple memory corruption vulnerabilities. The application fails to properly handle un-initialized COM objects and chained Cascading Style Sheets (CSS). This flaw allows attackers to cause denial of service and possibly to execute arbitrary code by convincin...

7.5 CVSS, 7.3 AI score, 0.39283 EPSS
Exploits: 0
CVE
added 2006/10/09 9:0 p.m., 44 views

CVE-2005-4813

CVE-2005-4813 : Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certai...

5 CVSS, 7.1 AI score, 0.01818 EPSS
Exploits: 0, References: 8, Affected Software: 4
securityvulns
added 2006/09/26 12:0 a.m., 36 views

faceStones personal <= v2.0.42 (objpath) Remote File Inclusion Exploit

faceStones personal = v2.0.42 objpath Remote File Inclusion Exploit Critical Level : Dangerous Vendor sit...

1.5 AI score
Exploits: 0
seebug.org
added 2006/09/25 12:0 a.m., 29 views

faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln

No description provided by source. faceStones personal = v2.0.42 objpath Remote File Inclusion Exploit ...

7.1 AI score
Exploits: 0
NVD
added 2006/08/31 10:4 p.m., 21 views

CVE-2006-4495

Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll...

7.5 CVSS, 7.8 AI score, 0.20205 EPSS
Exploits: 0, References: 5
NVD
added 2006/08/31 10:4 p.m., 19 views

CVE-2006-4494

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5)...

7.5 CVSS, 7.7 AI score, 0.21578 EPSS
Exploits: 1, References: 4
Cvelist
added 2006/08/31 10:0 p.m., 21 views

CVE-2006-4494

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5)...

7.7 AI score, 0.21578 EPSS
Exploits: 1, References: 4
CVE
added 2006/08/31 10:0 p.m., 49 views

CVE-2006-4494

Microsoft Visual Studio 6.0 is affected. The vulnerability arises when remote attackers instantiate specific Visual Studio 6.0 ActiveX COM objects in Internet Explorer (tcprops.dll, fp30wec.dll, mdt2db.dll, mdt2qd.dll, vi30aut.dll), causing memory corruption that can lead to a denial of service a...

7.5 CVSS, 8 AI score, 0.21578 EPSS
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2006/08/31 10:0 p.m., 25 views

CVE-2006-4495

Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll...

7.8 AI score, 0.20205 EPSS
Exploits: 0, References: 5
CVE
added 2006/08/31 10:0 p.m., 62 views

CVE-2006-4495

The CVE-2006-4495 issue affects Microsoft Internet Explorer. It arises when IE instantiates certain Windows 2000 ActiveX COM objects not designed as controls (ciodm.dll, myinfo.dll, msdxm.ocx, creator.dll). The root cause is improper COM object instantiation within IE, which can lead to memory co...

7.5 CVSS, 7.8 AI score, 0.20205 EPSS
Exploits: 0, References: 5, Affected Software: 1