Lucene search
K

1569 matches found

Ubuntu
Ubuntu
added 2011/02/11 1:27 a.m.75 views

USN-1061-1: iTALC vulnerability

Stéphane Graber discovered that the iTALC private keys shipped with the Edubuntu Live DVD were not correctly regenerated once Edubuntu was installed. If an iTALC client was installed with the vulnerable keys, a remote attacker could gain control of the system. Only systems using keys from the...

9.3CVSS5.3AI score0.0293EPSS
Exploits0
securityvulns
securityvulns
added 2011/02/11 12:0 a.m.79 views

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: February 8, 2011 Vulnerability identifier: APSB11-03 CVE Numbers: CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0564, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0568, CVE-2011-0570, CVE-2011-0585,...

9.3CVSS1.3AI score0.4954EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2010/12/14 12:0 a.m.2 views

Microsoft OpenType Font Format Driver Double Free Code Execution (MS10-091; CVE-2010-3957)

OpenType is a font format developed jointly by Microsoft and Adobe as an extension of Apple's TrueType font format. A remote code execution vulnerability has been reported in the way Microsoft Windows OpenType Font OTF format driver improperly parses specially crafted OpenType fonts. A remote...

6.9CVSS7.3AI score0.0183EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/12/14 12:0 a.m.13 views

Microsoft Graphics Filters TIFF Image Converter Heap Overflow (MS10-105; CVE-2010-3947)

Tagged Image File Format TIFF is a container format for storing images, including photographs and line art. A remote code execution vulnerability has been discovered in the way that Microsoft Office parses specially crafted TIFF image files. The vulnerability is due to an error in Microsoft Offic...

9.3CVSS7.1AI score0.29343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/12/14 12:0 a.m.10 views

Microsoft Graphics Filters TIFF Image Converter Buffer Overflow (MS10-105; CVE-2010-3949; CVE-2010-3950)

Tagged Image File Format TIFF is a container format for storing images, including photographs and line art. A buffer overflow vulnerability has been discovered in the way that Microsoft Office parses specially crafted TIFF image files. The vulnerability is due to an error in Microsoft Office TIFF...

9.3CVSS6.6AI score0.25106EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/12/14 12:0 a.m.5 views

Microsoft Graphics Filters PICT Image Converter Integer Overflow (MS10-105; CVE-2010-3946)

PICT is a graphics file format that allows the interchange of graphics both bitmapped and vector, and some limited text support, between Mac applications. A remote code execution vulnerability has been discovered in the way that Microsoft Office allocates buffer size when handling PICT image file...

9.3CVSS7.2AI score0.21603EPSS
Exploits0
Metasploit
Metasploit
added 2010/12/10 5:47 a.m.39 views

Cisco IOS HTTP Unauthorized Administrative Access

This module exploits a vulnerability in the Cisco IOS HTTP Server. By sending a GET request for "/level/num/exec/..", where num is between 16 and 99, it is possible to bypass authentication and obtain full system control. IOS 11.3 - 12.2 are reportedly vulnerable. This module tested successfully...

9.3CVSS7.2AI score0.6845EPSS
Exploits8
seebug.org
seebug.org
added 2010/12/09 12:0 a.m.32 views

ProFTPD受控制源软件包后门安全漏洞

ProFTPD是一款开放源代码FTP服务程序。 ProFTPD的特定时期版本被插入了后门代码,远程攻击者可利用这些后门非授权获取对FTP服务器的访问,从而控制系统。 此问题影响项目的主FTP服务器和所有镜像服务器发布的被攻击的ProFTPD 1.3.3c源代码包,此代码包中包含允许远程root权限访问的后门。2010年11月28日至12月2日期间下载的源代码受此问题影响。 ProFTPD Project ProFTPD 1.3.x 厂商补丁: ProFTPD Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/11/17 12:0 a.m.55 views

Microsoft Word RTF文件解析栈溢出漏洞(MS10-087)

BUGTRAQ ID: 44652 CVE ID: CVE-2010-3333 Word是微软Office套件中的文字处理工具。 在处理RTF文档中的特定控制字时Word未经执行长度检查便将其属性字符串拷贝到了栈缓冲区中,这可能触发栈溢出。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Office XP SP3 Microsoft Office for Mac 2011 Microsoft Office 2010 Microsoft Office 2008 for Mac Microsoft Office 2007 SP2 Microsoft Office 200...

9.3CVSS1.2AI score0.89497EPSS
Exploits14
Check Point Advisories
Check Point Advisories
added 2010/10/12 12:0 a.m.10 views

Microsoft OpenType Font Parsing Elevation of Privilege (MS10-078; CVE-2010-2740)

OpenType is a font format developed jointly by Microsoft and Adobe as an extension of Apple's TrueType font format. An OpenType font file contains data, in table format, that comprises either a TrueType or a PostScript outline font. An elevation of privilege vulnerability has been reported in the...

7.2CVSS6.2AI score0.01807EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/10/12 12:0 a.m.6 views

Microsoft Browser Embedded Media Player Memory Corruption (MS10-082; CVE-2010-2745)

Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in the Windows Media Player that improperly...

9.3CVSS7.1AI score0.24248EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/10/12 12:0 a.m.4 views

Microsoft Internet Explorer MSHTML Uninitialized Memory Corruption (MS10-071; CVE-2010-3331)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. To trigger this issue, ...

9.3CVSS7AI score0.25422EPSS
Exploits1
FreeBSD
FreeBSD
added 2010/09/28 12:0 a.m.37 views

linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports: Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654...

9.3CVSS9.7AI score0.69679EPSS
Exploits18References2
Check Point Advisories
Check Point Advisories
added 2010/09/14 12:0 a.m.10 views

Microsoft Outlook RTF Email Parsing Heap Based Buffer Overflow (MS10-064; CVE-2010-2728)

Microsoft Outlook is an e-mail application and a personal information manager. A remote code execution vulnerability has been reported in the way that Microsoft Outlook parses content in a specially crafted e-mail message. The vulnerability is due to an error in Microsoft Outlook that fails to...

9.3CVSS7AI score0.17253EPSS
Exploits0
ThreatPost
ThreatPost
added 2010/09/13 10:20 p.m.28 views

Adobe Warns of Flash Player Zero-Day Attack

The zero-day hacker attacks against Adobe’s software products are coming fast and furious. Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a...

9.3CVSS3.5AI score0.15621EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2010/08/10 12:0 a.m.7 views

Microsoft Word sprmCMajority Record Parsing Remote Code Execution (MS10-056; CVE-2010-1900)

A remote code execution vulnerability exists in the way that Microsoft Office Word handles malformed records inside of a specially crafted Word file. Exploitation of this vulnerability requires that a user open a specially crafted Word file with an affected version of Microsoft Office Word. An...

9.3CVSS6.9AI score0.39813EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2010/05/26 12:0 a.m.11 views

Update Protection against Adobe Shockwave Player DIR Files PAMI Chunk Code Execution Vulnerability (APSB10-12)

A remote code execution vulnerability has been identified in Adobe Shockwave Player. Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. An attacker can exploi...

9.3CVSS8.7AI score0.06369EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/04/30 12:0 a.m.170 views

CGI Generic XML Injection

By sending specially crafted parameters to one or more CGI scripts hosted on the remote web server, Nessus was able to get a very different response, which suggests that it may have been able to modify the behavior of the application and directly access a SOAP back-end. An attacker may be able to...

5.7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/04/14 12:0 a.m.27 views

Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)

This host is missing a critical security update according to Microsoft Bulletin MS10-026. OpenVAS Vulnerability Test $Id: secpodms10-026.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability 977816 Authors: Madhuri D Updated By: Madhuri D on...

9.3CVSS0.6AI score0.67888EPSS
Exploits13References2
CERT
CERT
added 2010/03/05 12:0 a.m.47 views

Energizer DUO USB battery charger software allows unauthorized remote system access

Overview The software available for the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. Description Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been...

9.3CVSS6.5AI score0.27429EPSS
Exploits6References5
Rows per page
Query Builder