1330 matches found
Apple Mac OS X Loginwindow.app information leakage
Username and password can be found in process memory...
Firebird 2.0.3 Relational Database - protocol.cpp XDR Protocol Remote Memory Corruption
Firebird 2.0.3 Relational Database - protocol.cpp XDR Protocol Remote Memory Corruption source: https://www.securityfocus.com/bid/27403/info Firebird is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to...
openSUSE 10 Security Update : smb4k (smb4k-2514)
This update of smb4k fixes several security bugs that can be exploited locally to get access to confidential data, overwrite file contents, and to overflow process memory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
CVE-2007-2393
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...
Code injection
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...
PHP 5.1.6 - Chunk_Split() Integer Overflow
PHP 5.1.6 - ChunkSplit Integer Overflow source: https://www.securityfocus.com/bid/24261/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory...
PHP 5.1.6 - 'Chunk_Split()' Integer Overflow
source: https://www.securityfocus.com/bid/24261/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory. Attackers may be able to execute arbitra...
Memory corruption
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785...
CVE-2007-2619
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785...
CVE-2007-2619
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785...
CVE-2007-2619
CVE-2007-2619 affects Symantec pcAnywhere 11.5.x and 12.0.x, where unencrypted login credentials can reside in process memory. The description indicates local administrators can read memory to retrieve credentials, making this a local access issue. No explicit exploit details or mitigation are pr...
PHP 5.1.6 - 'Msg_Receive()' Memory Allocation Integer Overflow
source: https://www.securityfocus.com/bid/23236/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory. Exploiting this issue may allow attacker...
[NB07-22] Multiple vulnerabilities in NETxEIB OPC server
Multiple vulnerabilities in NETxEIB OPC server ============================================== OPC servers provide a standard way to interoperate automation and control systems, bridging data from several industrial protocols such as DNP3, MODBUS, etc. to a more standard data access interface. The...
Design/Logic Flaw
xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory. NOT...
Microsoft Internet Explorer 678 - li Element Denial of Service (3)
Microsoft Internet Explorer 678 - li Element Denial of Service 3 source: https://www.securityfocus.com/bid/36070/info Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to crash the affected browser, resulting in...
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (3)
source: https://www.securityfocus.com/bid/36070/info Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Given the nature of this issue, attackers may al...
Microsoft Office 2000/2002 - Property Code Execution
source: https://www.securityfocus.com/bid/18911/info Microsoft Office is prone to a code-execution vulnerability. This is due to a failure to handle exceptional conditions. Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context o...
CVE-2006-2708
Secure Elements Class 5 AVR client aka C5 EVM before 2.8.1 allows remote attackers to read portions of process memory via a modified size for 1 EMGETCEPARAMETER and 2 EMSETCEPARAMETER messages, which leads to a buffer overflow probably an over-read...
Buffer overflow
Secure Elements Class 5 AVR client aka C5 EVM before 2.8.1 allows remote attackers to read portions of process memory via a modified size for 1 EMGETCEPARAMETER and 2 EMSETCEPARAMETER messages, which leads to a buffer overflow probably an over-read...
CVE-2006-2708
CVE-2006-2708 affects Secure Elements Class 5 AVR client (C5 EVM) prior to version 2.8.1. Affected component: EM_GET_CE_PARAMETER and EM_SET_CE_PARAMETER message handling. Root cause: remote attackers can alter the size parameter, causing a buffer over-read/read of process memory. Impact (per sou...