1388 matches found
CVE-2002-0864
CVE-2002-0864 corresponds to a Microsoft RDP flaw affecting Windows XP (RDP 5.1) where a Remote Desktop PDU Confirm Active packet that omits the Pattern BLT can cause a denial of service (crash). OpenVAS entries also describe an information-disclosure risk from RDP 5.0/5.1 due to unencrypted chec...
CVE-2002-0864
The Remote Data Protocol RDP version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service crash when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."...
CVE-2002-1142
CVE-2002-1142 is a heap-based buffer overflow in the MDAC RDS component caused by an unchecked buffer in the RDS Data Stub when handling malformed HTTP requests. Affected: MDAC versions 2.1–2.6 and Internet Explorer 5.01–6.0. Impact: remote code execution with the privileges of the service (e.g.,...
CVE-2004-0036
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter...
CVE-2003-1516
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.201 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet...
CVE-2003-0841
The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request...
[SECURITY] [DSA 241-1] New kdeutils packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 241-1 [email protected] http://www.debian.org/security/ Martin Schulze January 24th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 240-1] New kdegames packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 240-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2003 http://www.debian.org/security/faq -...
CVE-2002-2108
Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail...
DEBIAN-CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...
ISS Security Brief: Microsoft MDAC Remote Compromise Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief November 21, 2002 Microsoft MDAC Remote Compromise Vulnerability Synopsis: Microsoft has released a security bulletin detailing a vulnerability in Microsoft MDAC technology. MDAC or Microsoft Data Access Components is a...
Microsoft Data Access Components RDS Buffer Overflow Vulnerability
Description Microsoft Data Access Components MDAC contains a buffer overflow in a Remote Data Services RDS component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could all...
CVE-2002-0864
The Remote Data Protocol RDP version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service crash when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."...
CVE-2002-0863
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...
EUVD-2002-0855
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...
CVE-2002-0863
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...
Security Bulletin MS02-007
---------------------------------------------------------------------- Title: SQL Server Remote Data Source Function Contain Unchecked Buffers Date: 20 February 2002 Software: Microsoft SQL Server Impact: Run code of attacker's choice on server Max Risk: Moderate Bulletin: MS02-007 Microsoft...
CVE-2001-0014
Remote Data Protocol RDP in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability...
CVE-2001-0014
CVE-2001-0014 affects Windows 2000 Terminal Services (Remote Data Protocol). The vulnerability arises from improper handling of certain malformed RDP packets, allowing remote attackers to cause a denial of service. The provided documents identify the affected component and DoS impact but do not s...
Security Bulletin MS01-006
---------------------------------------------------------------------- Title: Patch Available for "Invalid RDP Data" Vulnerability Date: 31 January 2001 Software: Windows 2000 Terminal Services Impact: Denial of Service Bulletin: MS01-006 KB Article: Q286132 Available Soon Microsoft encourages...