350 matches found
Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0283)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Web Client Plug-in error: “invalid Single Sign-On token”
Challenge When a new user of the vSphere web client attempts to access the Veeam Web Client Plug-in, they encounter the following error: Server error: Failed to login to Veeam Backup Enterprise Manager. Login failed due to invalid Single Sign-On token Cause To successfully obtain statistics from...
ClamAV UPX File PE parsing Memory Access Error (CVE-2013-2020)
A memory access error vulnerability exists in ClamAV antivirus software. The vulnerability is due to an errors in "pe.c" while parsing UPX-packed executable files. Remote attackers could exploit the vulnerability to cause a denial of service condition. Successful exploitation would lead to...
ClamAV Encrypted PDF File Handling Memory Access Error (CVE-2013-2021)
A memory access error has been reported in ClamAV antivirus...
Internet Explorer Initialization Error Use-after-free (MS13-037; CVE-2013-1307)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Oracle Java Web Start ActiveX Control launchApp Memory Access Error (CVE-2013-2416)
A code execution vulnerability exists in Oracle Java Web Start. The vulnerability is due to memory corruption in javaws.exe, a helper application executed from the launchApp method of the JWS ActiveX control. An attacker can exploit this vulnerability by enticing the target user to open a special...
Internet Explorer CHTML Use After Free (MS13-009; CVE-2013-0029)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Google Chrome < 24.0.1312.52 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 24.0.1312.52 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to SVG layout, DOM handling, video seeking, PDF fields and printing. CVE-2012-5145, CVE-2012-5147,...
libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service application crash via a...
Information disclosure
FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdfbridge.php and certain other files...
Microsoft Host Integration Server snabase.exe Memory Access Error
A denial of service DoS vulnerability has been reported in Microsoft Host Integration Server HIS. HIS is a gateway application that provides host access and integration, extending Microsoft Windows to other systems by integrating mission-critical host applications, data sources, messaging and...
Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems
The Secure Shell server SSH implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device. The IOS SSH server is an optional service that is disabled by default, but its...
TCPDUMP ISAKMP Payload Handling DoS (CVE-2004-0183)
Tcpdump parses and displays, and optionally records packets received on a network interface matching a user provided filter. Two vulnerabilities exist in the Tcpdump ISAKMP payload handling module, which can be exploited to cause a DoS Denial of Service by sending packets with specially crafted...
DEBIAN-CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
Fetchmail Verbose模式超大日志消息远程拒绝服务漏洞
BUGTRAQ ID: 29705 CVECAN ID: CVE-2008-2711 Fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 Fetchmail在处理消息时存在内存访问错误,以-v -v verbose级别运行的fetchmail在试图打印超过2048字节的头时会重新调整缓冲区大小并填充消息的多出部分,但没有重新初始化其 valist类型的源指针,因此可能会在栈上的无效地址读取数据,导致出现分段错误而崩溃。 fetchmail 6.3.9 临时解决方法:...
Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service Vulnerabilities Advisory ID: cisco-sa-20080521-ssh http://www.cisco.com/warp/public/707/cisco-sa-20080521-ssh.shtml Revision 1.0 For Public Release 2008 May 21 1600 UTC GMT...
Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update
Updated conga packages that correct a security flaw and provide bug fixes and add enhancements are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Conga package is a web-based administration tool for remote cluster and storag...
CVE-2004-1001
Unknown vulnerability in the passwdcheck function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pamchauthtok function call is not properly handled...
PT-2004-2106 · Ethereal +1 · Ethereal +1
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.1 through 0.10.7 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending a certain packet that causes the HTTP dissector to access...
Debian DSA-498-1 : libpng - out of bound access
Steve Grubb discovered a problem in the Portable Network Graphics library libpng which is utilised in several applications. When processing a broken PNG image, the error handling routine will access memory that is out of bounds when creating an error message. Depending on machine architecture,...