Spider Player 2.4.5 - Denial of Service

Spider Player 2.4.5 - Denial of Service Exploit Title : Spider Player Denial of Service Vulnerability Software : Spider Player Software link : http://spider-player.com/spider/files/SpiderPlayer2.4.5Setup.exe Autor : ABDI MOHAMED Email : [email protected] greetz: netown3r , sadhacker ,...

PT-2010-3509 · Microsoft · Iis +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions SP2 and R2 Microsoft Windows 7 affected versions not specified Description...

PT-2010-4098 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions Gold, SP2, and R2 Microsoft Windows 7 affected versions not specified...

Novell Client Print Provider Buffer Overflow (CVE-2006-6114)

Microsoft Windows operating systems include a Print Spooler service, spoolsv.exe, which is started up with the system on most default installations. The print spooler service exports an Remote Procedure Call RPC interface to the server side of the spooler's Win32 API. A buffer overflow...

Internet Explorer FTP Response Parsing Memory Corruption (MS07-016; CVE-2007-0217)

Microsoft Internet Explorer IE is a web browser application that is included as part of Microsoft Windows operating systems. Microsoft Windows Internet WinINet application programming interface API in Internet Explorer is a component to serve as application interface for Internet protocols, such ...

Cross site scripting

The popen API function in TSRM/tsrmwin32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service crash via a crafted 1 "e" or 2 "er" string in the second argument aka mode, possibly related t...

Solaris 10 (x86) : 124848-04 (deprecated)

Sun Ray Connector for Microsoft Windows Operating Systems 1.1, Pat. Date this patch was last updated by Sun : Nov/26/08 This plugin has been deprecated and either replaced with individual 124848 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security...

PT-2008-5415 · Microsoft · Srv.Sys +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 Description: A denial of service issue exists due to insufficient validation of buffer sizes in the Server service, allowing...

Guidance EnCase fails to detect more than 25 partitions

Overview Guidance Software's EnCase Forensic can only detect the first 25 partitions on a volume. Description Guidance Software's EnCase Forensic is a tool that allows an investigator to acquire and analyze a disk image. EnCase names partitions either c: through z:, with an additional partition...

Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829)

Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution 938829 Published: August 14, 2007 Version: 1.0 General Information Executive Summary This critical security update resolves a privately reported vulnerability. A remote code execution...

Bypassing PFW/HIPS open process control with uncommon identifier

Hello, We would like to inform you about a vulnerability in personal firewalls and HIPS software. Description: Windows operating systems with NT kernel version 5.0 and higher i.e. Windows 2000, XP, 2003 use integer numbers divisible by four to identify processes. Internal implementation of system...

CVE-2007-0711

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted 3GP video file...

Integer overflow

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted 3GP video file...

Internet Explorer Javaprxy.dll heap overflow

Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

[NT] Microsoft Internet Explorer Drag-and-Drop Redeux

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Microsoft Active Directory LSASS Buffer Overflow (MS04-011; CVE-2003-0533)

The Local Security Authority Subsystem Service LSASS is used to manage security processes, including local permission and client/server authentication A vulnerability was detected in the LSASS service for several Microsoft Windows operating systems that can allow remote attackers to execute...

CVE-2005-0044

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."...

EEYE: Windows ANI File Parsing Buffer Overflow

Windows ANI File Parsing Buffer Overflow Systems Affected: Windows Me Windows 2000 Windows XP SP1 and earlier Windows 2003 Overview: eEye Digital Security has discovered a vulnerability in USER32.DLL's handling of Windows animated cursor .ani files that will allow a remote attacker to reliably...