PLUGINSPAGE privileged JavaScript execution II — Mozilla

Paul Nickerson reports that the fix for MFSA 2005-34 can be bypassed using nested javascript: URLs, again allowing the attacker to execute privileged code. The attacker must first convince the user to first click on the missing-plugin icon in the page or the "Install Missing Plugins..." button in...

GLSA-200511-23 : chmlib, KchmViewer: Stack-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200511-23 chmlib, KchmViewer: Stack-based buffer overflow Sven Tantau reported about a buffer overflow vulnerability in chmlib. The function 'chmdecompressblock' does not properly perform boundary checking, resulting in a...

HP-UX PHCO_33989 : HP-UX envd, Local Execution of Privileged Code (HPSBUX02073 SSRT051012 rev.2)

s700800 11.00 envd1M cumulative patch : A potential vulnerability has been identified with HP-UX running the envd1M. The vulnerability could be exploited by a local authorized user to execute arbitrary code and/or gain unauthorized privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

HP-UX PHSS_32919 : HP OpenView Event Correlation Services (OV ECS), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01141 SSRT4796, SSRT4873 rev.2)

s700800 11.23 OV ECS3.33 /3.32 Patch Mar'05 : Potential vulnerabilities have been identified with OpenView Event Correlation Services OV ECS. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of Service DoS. %NASLMINLEVEL 703...

HP-UX PHSS_32693 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)

s700800 11.23 OV NNM7.50 Patch for Jan-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 C...

HP-UX PHSS_32692 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)

s700800 11.X OV NNM7.50 Patch for Jan-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 C Tenab...

HP-UX PHSS_32781 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)

s700800 11.X OV NNM6.4x/ET2.0x Patch for Feb-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 ...

HP-UX PHSS_32918 : HP OpenView Event Correlation Services (OV ECS), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01141 SSRT4796, SSRT4873 rev.2)

s700800 11.X OV ECS3.33 /3.32 Patch Mar'05 : Potential vulnerabilities have been identified with OpenView Event Correlation Services OV ECS. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of Service DoS. %NASLMINLEVEL 7030...

HP-UX PHSS_33038 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)

s700800 11.X OV NNM7.01 Patch for Mar-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 C Tenab...

CVE-2005-1160

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

Immunix OS 6.2 - LC glibc format string

/ source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide internationalization support according to the...

AMD K6 Processor - Denial of Service

AMD K6 Processor - Denial of Service source: https://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start,...

AMD K6 Processor - Denial of Service

source: https://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start, %edi / S1 / cmpb 0x80000000%edi,%dl ...