350 matches found
Microsoft Excel SERIES Record Parsing Code Execution (MS12-030) - Ver2 (CVE-2012-1847)
A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Exc...
Oracle Internet Directory Pre-Authentication LDAP Denial of Service (CVE-2008-2595)
There exists a denial of service vulnerability in the Oracle Internet Directory. The vulnerability is due to a NULL pointer dereference error when processing LDAP requests. Remote unauthenticated attackers could exploit this vulnerability by sending a crafted LDAP request to create a denial of...
Oracle Java FileDialog.Show Heap Buffer Overflow - Ver2 (CVE-2011-0802)
A remote code execution vulnerability has been reported in Oracle Java Runtime Environment.The vulnerability is due to insufficient validation of the selected file's default values size. A remote attacker could exploit this vulnerability by enticing an unsuspecting user to open a web page...
Microsoft Internet Explorer Memory Corruption (MS14-010; CVE-2014-0279)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user t...
Microsoft Internet Explorer Memory Corruption (MS14-010; CVE-2014-0281)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user t...
Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0275)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0277)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0271)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0276)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS14-010; CVE-2014-0278)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user t...
HP Intelligent Management Center BIMS bimsDownload Information Disclosure (CVE-2013-4823)
An information disclosure vulnerability has been reported in the BIMS add-in module of HP Intelligent Management Center.The vulnerability is due to lack of authentication and insufficient input validation in the bimsDownload servlet when processing HTTP request parameters. Remote attackers can...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3187)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3188)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3184)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
SAP Management Console OSExecute Payload Execution
This module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password for the SAP Management Console must be provided. This module has been tested successfully on both Windows and Linux platforms running SAP Netweaver. In order to exploit a Lin...
iSCSI target Multiple Implementations iSNS Stack Buffer Overflow - High Confidence (CVE-2010-2221)
A stack buffer overflow vulnerability has been reported in iscsitarget, an open implementation of iSCSI Enterprise Target. The vulnerability is caused by missing boundary checks when handling SCN messages. Remote attacker can exploit this vulnerability by sending a malicious message to an iSCSI...
PHP apache_request_headers Function Buffer Overflow (CVE-2012-2329)
A buffer overflow was reported in the apacherequestheaders function in PHP. The vulnerability is due to the insecure handling of the HTTP headers. An attacker can exploit this issue by sending a specially crafted HTTP request to the target server. Successful exploitation may allow the attacker to...
Adobe Reader PDF File DLL Injection Remote Code Execution (APSA13-02; CVE-2013-0640)
A remote code execution vulnerability has been reported in Adobe Reader. The vulnerability is due to a dll injection while handling malformed PDF files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file. Successful exploitation would allow an...
Sourcefire Snort rule20275eval Buffer Overflow
A buffer overflow vulnerability has been reported in a pre-compiled Snort rule distributed by Sourcefire. The vulnerability is due to a stack buffer overflow in rule 3:20275.A remote attacker can exploit this issue by sending a malicious response packet containing a overly long message to the...
General Electric D20 Password Recovery
A data leakage vulnerability has been reported in General Electric D20ME. The vulnerability is due to improper security restrictions. A remote attacker can exploit this issue by sending a specially crafted TFTP requests to the target. Successful exploitation would allow an attacker to steal...