CA Multiple Products Console Server Login Handling Buffer Overflow (CVE-2007-2522)

CA Computer Associates provides a group of products intended for enhancing the security of enterprise as well as individual clients. Main series of these products were formerly known as CA eTrust products. The following is a brief list of major products in this group: CA Anti-Virus for the...

Microsoft Windows privilege escalation

Invalid event handling allows code execution in system context...

Microsoft Windows SafeDisk driver buffer overflow

Buffer overflow in secdrv.sys driver allows code execution in syste, context...

Apple Quicktime code execution

It's possible to execute script in browser's system context...

ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability

ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-045.html December 12, 2006 -- CVE ID: CVE-2006-6335 -- Affected Vendor: Sophos -- Affected Products: All versions of Sophos Anti-Virus v2.40 scanning engine --...

EEYE: McAfee ePolicy Orchestrator Remote Compromise

McAfee ePolicy Orchestrator Remote Compromise Release Date: July 13, 2006 Severity: High Remote Code Execution Vendor: McAfee Systems Affected: McAfee Common Management EPO Agent versions below version 3.5.5.438 Overview: McAfee ePolicy Orchestrator is the remote security management software for...

CVE-2002-0700

This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...

Norton antivirus privelege escalation

Можно запустить помощь winhlp32.exe в контексте локальной системы...

iPlanet Web Server 4.1 - Search Component File Disclosure

source: https://www.securityfocus.com/bid/5191/info The iPlanet Web Server search engine is prone to a file disclosure vulnerability. It is possible for remote attackers to make requests to the search engine which will cause arbitrary readable files on the host running the vulnerable software to ...

CVE-2001-1514

ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to 1 child processes created with and 2 child processes that call the CreateProcess function and are executed with or end with the CFX extension...

Microsoft Index Server 2.0 Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (2)

Microsoft Index Server 2.0 Indexing Service Windows 2000 - ISAPI Extension Buffer Overflow 2 / source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the...

Microsoft Index Server 2.0 Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC)

Microsoft Index Server 2.0 Indexing Service Windows 2000 - ISAPI Extension Buffer Overflow PoC // source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the...

Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (3)

source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A maliciously crafted request could allow...

Дырка в Windows 2000 (Network DDE Agent privilege elevation)

Network DDE Agent выполняет запросы клинтской программы в контексте локальной системы вместо контекста запрашивающего пользователя...

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver

source: https://www.securityfocus.com/bid/474/info When the computer is idle for the set time period user definable Winlogon.exe starts the screensaver. The screen saver process is selectable by the user. Winlogon.exe uses the CreateProcessAPI call to start the screen saver and immediately suspen...