900 matches found
Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the...
Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...
Cisco ICM Setup Manager Agent.exe AgentUpgrade Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...
IBM Informix Dynamic Server oninit.exe EXPLAIN Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database. The specific flaw exists within the oninit.exe process bound by default ...
SAP BusinessObjects Crystal Reports Server CMS.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CMS.exe process which listens by default on several TCP ports above 1024. When...
SAP Crystal Reports JobServer GIOP Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JobServer.exe process which listens by default on several TCP ports above 1024...
IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed e-mail. The process...
Oracle Secure Backup observiced.exe Buffer Overflow (CVE-2010-0072)
Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allowsfor single point of management of data present on network attached storage NAS devices and distributed hostswhich may have different operating systems. A stack buffer overflow vulnerability...
Novell iManager eDirectory Plugin Schema Buffer Overflow (CVE-2009-4486)
A stack buffer overflow vulnerability exists in the Novell iManager eDirectory plugin. The vulnerability is due to improper validation of user input by a sub-application. A remote, authenticated attacker can exploit this vulnerability by sending specially crafted parameters to the application...
Ipswitch IMail Server Mailing List Message Subject Buffer Overflow
The Ipswitch IMail Server is a mail server product geared towards medium to large size organizations. It contains implementations of POP3, IMAP4, and SMTP servers. The SMTP server module is installed and started in a default installation. A buffer overflow vulnerability has been reported in...
Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Teaming. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Tomcat server installed by default with Teaming. The server exposes an AJAX request...
IBM SolidDB 'solid.exe' Handshake Remote Code Execution Vulnerability
IBM SolidDB is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM user privileges. Failed exploit attempts will result in a denial-of- service condition. The vulnerability is reported in version 6.5 FP1 6.5.0.1. Prior versions...
Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail List Mailer. Authentication is not required to exploit this vulnerability. The specific flaw exists within imailsrv.exe which is invoked to handle messages sent to the imailsrv. When...
IBM SolidDB solid.exe Handshake Request Username Field Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the solid.exe process which listens by default on TCP port 1315. The code responsible for...
Microsoft Windows DNS Client Buffer Overrun (CVE-2006-3441)
There exists a buffer overflow vulnerability in the DNS client component of Microsoft Windows. The flaw is caused by the improper processing of crafted DNS messages. A remote attacker may leverage this vulnerability by sending crafted DNS responses to the affected service, resulting in the possib...
RealVNC VNC Server ClientCutText Message Memory Corruption
A memory corruption vulnerability has been reported in RealVNC VNC Server. The vulnerability is due to insufficient boundary checks by RealVNC when handling certain messages sent from RealVNC clients. A remote attackerscould exploit this issue by sending a crafted VNC command ot a target server...
HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...
CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Arbitrary File Retrieval Release Date:...
SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value...
Lenovo Hotkey Driver <= v5.33 Privilege Escalation
No description provided by source. Author: Chilik Tamir - Amdocs Power Security Testing Group Website: http://invalid-packet.blogspot.com/2010/03/full-disclosure-security-vulnerability.html Subject: Security vulnerability Privilege escalation in Lenovo Hotkey Driver and Access Connections version...