4747 matches found
IMP Content-Type Header XSS
The remote server is running at least one instance of IMP whose version number is between 2.0 and 3.2.3 inclusive. Such versions are vulnerable to a cross-scripting attack whereby an attacker may be able to cause a victim to unknowingly run arbitrary JavaScript code simply by reading a MIME messa...
security flaw
rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service crash via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name...
PT-2002-2420 · Max Krasnyansky · Vtun
Name of the Vulnerable Software and Affected Versions: VTun versions 2.0 through 2.5 Description: The Electronic Code Book ECB mode in VTun uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks. This could allow remote attackers to gain sensitive...
PT-2002-2656 · Pingtel · Pingtel Xpressa
Name of the Vulnerable Software and Affected Versions: Pingtel Xpressa versions 1.2.5 through 2.0.1 Description: The issue allows remote attackers to avoid registering with the SIP registrar by exploiting predictable values in a Session Identification Protocol SIP request, specifically the Call-I...
PT-2001-2378 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP versions 4.0.5 through 4.1.0 Description: The issue is related to the mail function in PHP, where the 5th parameter is not properly cleansed in safe mode, allowing local users and possibly remote attackers to execute arbitrary commands vi...
Visual Studio 2019 Security Update (16.11.55)
This security update applies to all editions of Visual Studio 2019 between versions 16.0.0 and 16.11.54, and will update client machines to version 16.11.55. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...
Visual Studio 2017 Security Update (15.9.79)
This security update applies to all editions of Visual Studio 2017 between versions 15.0.0 and 15.9.78, and will update client machines to version 15.9.79. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order...