Design/Logic Flaw

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0 and 4.6.6 allows remote authenticated users to affect confidentiality and integrity via vectors related to HTML Surround...

CVE-2013-1520

CVE-2013-1520 affects Oracle Industry Applications (Oracle Clinical Remote Data Capture Option) 4.6.0 and 4.6.6. The vulnerability is described as unspecified in the Oracle RDC component, enabling remote authenticated users to impact confidentiality and integrity via vectors related to HTML Surro...

CVE-2013-1520

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0 and 4.6.6 allows remote authenticated users to affect confidentiality and integrity via vectors related to HTML Surround...

HP LaserJet Security flaw allows remote data access

A critical vulnerability discovered in certain LaserJet Pro printers that could give remote attackers access to sensitive data. Homeland Security's Computer Emergency Response Team recently issued a vulnerability note warning that HP LaserJet Professional printers contain a telnet debug shell whi...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

PT-2013-1353 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 9.0 through 10 Description: The issue is related to the administrator.cfc component in Adobe ColdFusion, which allows remote attackers to bypass authentication and possibly execute arbitrary code. This is achieved by...

GPS based tracking service provided by Samsung vulnerable to thieves

Samsung which is currently believed to the highest Smartphones Seller in the World is now providing a Remote tracking solution in all its smartphones to Track the lost phone with the name "Samsung Dive". The Service is based on the Architecture which primarily acquires precise location of the sma...

DEBIAN-CVE-2012-4540

Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service crash, or possibly execute arbitrary cod...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Applications 4.6.0 and 4.6.2 allows remote authenticated users to affect confidentiality, related to HTML Surround...

CVE-2012-1763

CVE-2012-1763 affects Oracle Clinical/Remote Data Capture in Oracle Industry Applications 4.6.0 and 4.6.2. The vulnerability, related to HTML Surround, allows remote authenticated users to affect confidentiality (partial impact). CVSS metrics from NVD indicate network access with single authentic...

kernel: recv{from,msg}() on an rds socket can leak kernel memory

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

CVE-2012-1743

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...

CVE-2012-1743

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...

CVE-2012-1743

CVE-2012-1743 concerns the Oracle Clinical Remote Data Capture Option in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3. The description notes an unspecified vulnerability related to HTML Surround that allows remote authenticated users to affect confidentiality. The connected documents pr...

Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow(ms02-065)

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...

Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065) (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Microsoft IIS MDAC msadcs.dll RD...

MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow

This module can be used to execute arbitrary code on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components MDAC Remote Data Service RDS DataFactory service. The service is exploitable even when RDS is configured to deny remote connections handsafe.reg. The service is...

MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution

This module can be used to execute arbitrary commands on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components MDAC Remote Data Service RDS DataFactory service using VbBusObj or AdvancedDataFactory to inject shell commands into Microsoft Access databases MDBs, MSSQL...