Lucene search
K

673 matches found

Prion
Prion
added 2009/08/12 5:30 p.m.23 views

Heap overflow

Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration ISA Server 200...

9.3CVSS8.6AI score0.29462EPSS
Exploits4References4Affected Software5
Cvelist
Cvelist
added 2009/07/15 3:0 p.m.22 views

CVE-2009-1135

Microsoft Internet Security and Acceleration ISA Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication method, which allows remote attackers to gain the privileges of an arbitrary account, and access published web pages, via vectors involving attempted access to...

7AI score0.26454EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2009/07/15 12:0 a.m.21 views

Microsoft ISA Server Privilege Escalation Vulnerability (970953)

This host is missing a critical security update according to Microsoft Bulletin MS09-031. OpenVAS Vulnerability Test $Id: secpodms09-031.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft ISA Server Privilege Escalation Vulnerability 970953 Authors: Nikita MR Copyright Copyright c 2009 SecPod,...

9CVSS0.8AI score0.26454EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/07/15 12:0 a.m.23 views

Microsoft ISA Server Privilege Escalation Vulnerability (970953)

This host is missing a critical security update according to Microsoft Bulletin MS09-031. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9CVSS5AI score0.26454EPSS
Exploits1References2
Symantec
Symantec
added 2009/07/13 12:0 a.m.29 views

Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability

Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...

Exploits0References4Affected Software3
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.35 views

Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)

This host is missing a critical security update according to Microsoft Bulletin MS09-016. OpenVAS Vulnerability Test $Id: secpodms09-016.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability 961759 Authors: Chandan S Copyright c 2009...

5CVSS6.3AI score0.78496EPSS
Exploits2References1
Prion
Prion
added 2009/04/15 8:0 a.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition TMG MBE; and Internet Security and Acceleration ISA Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote...

4.3CVSS5.8AI score0.22849EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2009/04/15 8:0 a.m.32 views

CVE-2009-0077

The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition TMG MBE; and Internet Security and Acceleration ISA Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote...

5CVSS6.4AI score0.78496EPSS
Exploits1References7
CVE
CVE
added 2009/04/15 3:49 a.m.80 views

CVE-2009-0237

CVE-2009-0237 is a non-persistent cross-site scripting (XSS) vulnerability in the HTML forms authentication component cookieauth.dll used by ISA Server and Forefront TMG MBE and affected 2006/2006 SP1, as described in the MS09-016 bulletin. The root cause is improper input validation of HTTP form...

4.3CVSS5.6AI score0.22849EPSS
Exploits1References7Affected Software2
NVD
NVD
added 2008/08/01 2:41 p.m.22 views

CVE-2008-3439

SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.20 views

CVE-2008-3439

SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.0184EPSS
Exploits0References3
CVE
CVE
added 2008/08/01 2:0 p.m.38 views

CVE-2008-3439

CVE-2008-3439 affects SpeedBit Video Acceleration prior to 2.2.1.8. The vulnerability arises from improper verification of update authenticity, enabling a man‑in‑the‑middle to run arbitrary code via a Trojan‑horse update. Demonstrations linked to evilgrade and DNS cache poisoning illustrate the i...

7.5CVSS7.5AI score0.0184EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2008/01/19 12:0 a.m.37 views

[SECURITY] Fedora 7 Update: cairo-1.4.14-1.fc7

Cairo is a vector graphics library designed to provide high-quality display and print output. Currently supported output targets include the X Window System, OpenGL via glitz, in-memory image buffers, and image files PDF, PostScript, and SVG. Cairo is designed to produce identical output on all...

6.8CVSS0.6AI score0.05486EPSS
Exploits0
Cvelist
Cvelist
added 2006/10/18 10:0 a.m.26 views

CVE-2006-5379

The accelerated rendering functionality of NVIDIA Binary Graphics Driver binary blob driver For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite...

7.1AI score0.26046EPSS
Exploits1References22
securityvulns
securityvulns
added 2006/07/11 12:0 a.m.33 views

Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability

Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability July 10, 2006 Product Overview: The Juniper Networks Redline DX application acceleration platform delivers a complete data center acceleration solution for web-enabled and IP-based business applications. Vulnerability...

1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2005/07/14 4:0 a.m.8 views

CVE-2001-1533

Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability...

5.2AI score0.18012EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/06/08 4:0 a.m.18 views

CVE-2005-1907

The ISA Firewall service in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service Wspsrv.exe crash via a large amount of SecureNAT network traffic...

6.5AI score0.19314EPSS
Exploits0References6
NVD
NVD
added 2005/05/31 4:0 a.m.14 views

CVE-2005-1907

The ISA Firewall service in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to cause a denial of service Wspsrv.exe crash via a large amount of SecureNAT network traffic...

5CVSS6.5AI score0.19314EPSS
Exploits0References6
securityvulns
securityvulns
added 2004/06/11 12:0 a.m.40 views

ISA Server 2000 Service Pack 2 Release Notes

ISA Server 2000 Service Pack 2 Release Notes SUMMARY Microsoft Internet Security and Acceleration ISA Server 2000 Service Pack 2 SP2 includes all the hotfixes and security bulletins that are released for ISA Server 2000, including all the hotfixes and security bulletins that were released as part...

0.6AI score
Exploits0
CVE
CVE
added 2004/01/15 5:0 a.m.77 views

CVE-2003-0819

CVE-2003-0819 is a buffer-overflow vulnerability in the H.323 filter of Microsoft ISA Server 2000 that could allow remote code execution in the Microsoft Firewall Service via crafted H.323 traffic. OpenVAS entries corroborate a remote-code-execution risk; affected product is ISA Server 2000 (Gold...

10CVSS7.7AI score0.40866EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder