Session fixation

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service stack memory exhaustion and broker crash via a large persistent message...

CVE-2010-3701

CVE-2010-3701 affects Red Hat Enterprise MRG Messaging broker (qpidd) prior to version 1.2.2. The flaw is in lib/MessageStoreImpl.cpp where handling a very large persistent message by a remote authenticated user can exhaust stack memory, leading to a broker crash (DoS). Exploitation details: remo...

CVE-2010-3701

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service stack memory exhaustion and broker crash via a large persistent message...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Messaging security and bug fix update 1.2.2

Updated Red Hat Enterprise MRG Messaging packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

MRG: remote authenticated DoS in broker

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service stack memory exhaustion and broker crash via a large persistent message...

MRG: remote authenticated DoS in broker

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service stack memory exhaustion and broker crash via a large persistent message...

Design/Logic Flaw

The cxgbextensionioctl function in drivers/net/cxgb3/cxgb3main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIOGETQSETNUM ioctl call...

CVE-2010-3078

The xfsiocfsgetxattr function in fs/xfs/linux-2.6/xfsioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call...

Memory corruption

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a parameter value with a crafted length, relate...

CVE-2010-3106

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a parameter value with a crafted length, relate...

CVE-2010-3106

CVE-2010-3106 affects the ienipp.ocx ActiveX control in the browser plugin of Novell iPrint Client prior to version 5.42. The vulnerability arises from improper validation of the debug parameter, allowing a crafted length to trigger a stack memory corruption that can lead to remote code execution...

Wireshark / Ethereal < 1.0.15 / 1.2.10 Multiple Vulnerabilities

The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities. - The SigComp Universal Decompressor Virtual Machine could potentially overflow a buffer. Bug 4867 - The ANS.1 BER dissector could potentially exhaust the stack memory. Bug 4984 - The GSM A RR...

Internet Explorer Script Engine Stack Exhaustion (CVE-2006-0753)

A stack exhaustion vulnerability exists in the Microsoft Internet Explorer Script Engine. The flaw is caused by certain types of recursive function calls in Javascript code. An attacker can exploit this vulnerability to cause a denial of service condition of the vulnerable application. In an atta...

Microsoft Visual Basic Remote Code Execution Vulnerability (978213)

This host is missing a critical security update according to Microsoft Bulletin MS10-031. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Visual Basic Remote Code Execution Vulnerability (978213)

This host is missing a critical security update according to Microsoft Bulletin MS10-031. OpenVAS Vulnerability Test $Id: secpodms10-031.nasl 6413 2017-06-23 09:16:58Z cfischer $ Microsoft Visual Basic Remote Code Execution Vulnerability 978213 Authors: Antu Sanadi Copyright: Copyright c 2010...

CVE-2010-0815

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications VBA, and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via ...

Microsoft Visual Basic VBE6.DLL Stack Memory Corruption (MS10-031; CVE-2010-0815)

Microsoft Visual Basic VBA is a technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft Office products include VBA and make use of VBA to perform certain functions. A remote code execution vulnerability has been reported in th...

MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)

A stack memory corruption vulnerability exists in the way that the installed version of Visual Basic for Applications VBA searches for ActiveX controls embedded in documents. If an attacker can trick a user on the affected system into opening a specially crafted document that supports VBA, this...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. OpenVAS Vulnerability Test $Id: secpodms09-061.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability 974378 Authors: Nikita MR Updated By: Madhuri D ...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...