IBM Rational AppScan 8.x/7.x 多个安全漏洞

CVE ID:...

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system...

McAfee WebShield UI Authentication Bypass (SB10026)

The version of the McAfee WebShield UI hosted on the remote web server is affected by an authentication bypass vulnerability. It is possible to get a valid session ID as the administrative user by making a specially crafted request to /cgi-bin/localadmin. A remote, unauthenticated attacker can...

Adobe Releases Security Bulletins for Multiple Products

Adobe has released security bulletins to alert users of critical vulnerabilities in multiple products. The following products are affected: Adobe Illustrator CS 5.5 and earlier versions for Windows and Macintosh Adobe Photoshop CS 5.5 and earlier versions for Windows and Macintosh Adobe Flash...

Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow

Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...

Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow

Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...

linux-flashplugin -- multiple vulnerabilities

Adobe reports: Multiple Priority 2 vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system...

Security update available for Adobe Flash Player

Security update available for Adobe Flash Player Release date: March 5, 2012 Vulnerability identifier: APSB12-05 Priority: 2 CVE number: CVE-2012-0768, CVE-2012-0769 Platform: All Platforms SUMMARY These priority 2 updates address critical vulnerabilities in Adobe Flash Player 11.1.102.62 and...

Microsoft Remote Desktop Protocol (RDP) insecurely deallocates memory

Overview The Microsoft Remote Desktop Protocol RDP service contains a double-free vulnerability that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Remote Desktop Protocol RDP provides a remote graphical interface to...

Adobe Issues Emergency Fix For Flash Player Vulnerabilities

Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player. Adobe on Monday issued two emergency fixes for...

flash-player to 11.1.102.62 (critical)

flash-player was updated to the security update to 11.1.102.62. It fixes lots of security issues, some already exploited in the wild. Details can be found on: https://www.adobe.com/support/security/bulletins/apsb12-03.h tml These vulnerabilities could cause a crash and potentially allow an attack...

Adobe Releases Security Advisory for Adobe Flash Player

Adobe has released a security advisory to alert users of vulnerabilities affecting the following software: Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux, and Solaris operating systems Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x Adobe Fla...

http://www.adobe.com/support/security/bulletins/apsb12-03.html

Security update available for Adobe Flash Player Release date: February 15, 2012 Vulnerability identifier: APSB12-03 CVE number: CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767 Platform: All Platforms SUMMARY This update addresses critical...

Microsoft Word Access Violation Code Execution (MS11-099; CVE-2011-1983)

A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted Word file with an affected version...

Critical Zero-day Vulnerability in Adobe Reader

Critical Zero-day Vulnerability in Adobe Reader Researchers at the Lockheed Martin Computer Incident Response Team CRT and members of the Defense Security Information Exchange informed Adobe that their products were being exploited by hackers. The exploit affects all versions of Adobe Reader and...

Microsoft .Net and Silverlight Framework Remote Code Execution (MS11-078; CVE-2011-1253)

A remote code execution vulnerability has been reported in Microsoft .NET Framework and Silverlight framework. The vulnerability is due to the way that .NET Framework and Silverlight framework restrict inheritance within classes. A remote attacker may exploit this vulnerability by enticing...

EnjoySAP SAP GUI ActiveX Control Buffer Overflow (CVE-2007-3605)

A file execution vulnerability has been reported in EnjoySAP SAP GUI. The vulnerability is due to a boundary error in EnjoySAP while handling a certain method. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious link. Successful exploitation of th...

GOM Player ActiveX Control Buffer Overflow (CVE-2007-5779)

A remote code execution vulnerability has been reported in GOM player. The vulnerability is due to a boundary error in GOM while handling a certain method. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a specially crafted HTML page. Successful...

ESTsoft ALZip MIM File Buffer Overflow (CVE-2011-1336)

A remote code execution vulnerability has been reported in ESTsoft's ALZip. The vulnerability is due to an error while parsing MIME files. A remote attacker may exploit this vulnerability by sending a specially crafted .mim file to an affected user. Successful exploitation of this vulnerability...

Microsoft Excel Out of Bounds Array Indexing Code Execution (MS11-072; CVE-2011-1987)

A remote code execution vulnerability has been reported in Microsoft Office Excel. An attacker could exploit this vulnerability to execute arbitrary code in an affected system. The vulnerability is due to an error in the way the application handles specially crafted Excel files. A remote attacker...