9803 matches found

securityvulns
added 2002/02/27 12:0 a.m., 91 views

Multiple PHP Vulnerabilities - Remote Compromise Exploit in Circulation

Internet Security Systems Security Alert February 27, 2002 Multiple PHP Vulnerabilities: Remote Compromise Exploit in Circulation Synopsis: ISS X-Force has learned of multiple buffer overflow vulnerabilities present in the PHP Hypertext Preprocessor scripting language. PHP is a popular server-sid...

AI score: 7.4
Exploits: 0

securityvulns
added 2002/01/05 12:0 a.m., 34 views

More reading of local files in MSIE

More reading of local files in MSIE Description There is a security vulnerability in IE 5.5 and 6 probably other versions as well which allows reading and sending of local files. The problem lies in the fact that you are able to access a local file's dom by calling the execScript function on a...

AI score: 0.1
Exploits: 0

NVD
added 2001/12/31 5:0 a.m., 15 views

CVE-2001-1513

Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' slash, as demonstrated using ctx...

CVSS: 7.5, AI score: 6.6, EPSS: 0.01532
Exploits: 0, References: 3

CERT
added 2001/12/21 12:0 a.m., 20 views

Microsoft Internet Explorer does not properly handle document.open()

Overview Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles...

CVSS: 7.5, AI score: 7, EPSS: 0.1932
Exploits: 1, References: 5

securityvulns
added 2001/12/17 12:0 a.m., 32 views

MSIE6 can read local files

Description There is a bug in the Microsoft.XMLHTTP component shipped with Internet Explorer 6 which allows reading and sending local files. This component doesn't handle http redirects to local files properly In order for this exploit to work the file name must be known. The exploit doesn't...

AI score: 6.9
Exploits: 0

securityvulns
added 2001/11/09 12:0 a.m., 45 views

Security Bulletin MS01-055

Title: Cookie Data in IE Can Be Exposed or Altered Through Script Injection Date: 08 November 2001 Software: Internet Explorer Impact: Exposure and altering of data in cookies Max Risk: High Bulletin: MS01-055 Microsoft...

Exploits: 0

CVE
added 2001/09/12 4:0 a.m., 68 views

CVE-1999-1375

CVE-1999-1375 concerns FileSystemObject (FSO) used by showfile.asp (ASP); remote attackers can read arbitrary files by specifying the file parameter. Affected: showfile.asp with FSO operations. Root cause and full impact are described as arbitrary file reads in the provided documents. No remediat...

CVSS: 5, AI score: 7.1, EPSS: 0.30548
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2001/09/12 4:0 a.m., 25 views

CVE-1999-1375

FileSystemObject FSO in the showfile.asp Active Server Page ASP allows remote attackers to read arbitrary files by specifying the name in the file parameter...

AI score: 6.7, EPSS: 0.30548
Exploits: 1, References: 2

exploitpack
added 2001/07/18 12:0 a.m., 48 views

Solaris 2.x7.08 IRIX 6.5.x OpenBSD 2.x NetBSD 1.x Debian 3 HP-UX 10 - TelnetD Remote Buffer Overflow

Solaris 2.x7.08 IRIX 6.5.x OpenBSD 2.x NetBSD 1.x Debian 3 HP-UX 10 - TelnetD Remote Buffer Overflow // source: https://www.securityfocus.com/bid/3064/info A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can...

AI score: 0.9
Exploits: 0

Exploit DB
added 2001/07/18 12:0 a.m., 12371 views

Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/3064/info A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function...

AI score: 7.4
Exploits: 0

securityvulns
added 2001/06/29 12:0 a.m., 50 views

Unauthorized access in Active Web Classifieds (unauthorized access)

Many configuration functions can be accessed while bypassing the password protection...

AI score: 2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2001/06/29 12:0 a.m., 24 views

Active Web Classifieds failure to authenticate leads to arbitrary code execution

Active Classifieds Free Edition from Active Web Suite Technologies http://www.activewebsuite.com fails to authenticate administrators, which allows unauthorized modification of configuration files, which in turn, allows remote arbitrary code execution. Tested on: Program: Active Classifieds Free...

AI score: 0.1
Exploits: 0

NVD
added 2001/06/28 4:0 a.m., 12 views

CVE-2001-1290

admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the tablewidth parameter...

CVSS: 5, AI score: 7.7, EPSS: 0.06488
Exploits: 0, References: 4

exploitpack
added 2001/06/28 12:0 a.m., 32 views

Active Classifieds 1.0 - Arbitrary Code Execution

Active Classifieds 1.0 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/2942/info Active Classifieds is a CGI package that provides an online classified advertisement listing and management system. An origin validation error exists in the Free Edition of Active Classifieds tha...

AI score: 0.6
Exploits: 0

Exploit DB
added 2001/06/28 12:0 a.m., 49 views

Active Classifieds 1.0 - Arbitrary Code Execution

source: https://www.securityfocus.com/bid/2942/info Active Classifieds is a CGI package that provides an online classified advertisement listing and management system. An origin validation error exists in the Free Edition of Active Classifieds that may allow remote users to perform some...

AI score: 7
Exploits: 0

securityvulns
added 2001/05/24 12:0 a.m., 58 views

Security Bulletin MS01-029

Title: Windows Media Player .ASX Processor Contains Unchecked Buffer Date: 23 May 2001 Software: Windows Media Player 6.4 and 7 Impact: Potentially run code of attacker's choice. Bulletin: MS01-029 Microsoft encourages...

AI score: 6.6
Exploits: 0

Packet Storm
added 2001/04/21 12:0 a.m., 26 views

iexslt.txt

Georgi Guninski security advisory 43, 2001 XML scripting in IE, Outlook Express Systems affected: Internet Explorer 5.x - including full patched up to now though Microsoft cannot reproduce the problem on fully patched IE 5.x, Outlook Express probably Outlook have not tested...

AI score: 7.4
Exploits: 0

NVD
added 2001/04/20 4:0 a.m., 24 views

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

CVSS: 7.5, AI score: 6.6, EPSS: 0.27292
Exploits: 1, References: 3

Exploit DB
added 2001/04/20 12:0 a.m., 34 views

Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting

source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML...

AI score: 7.4
Exploits: 0

CERT
added 2000/12/14 12:0 a.m., 13 views

Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function

Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...

AI score: 5.9
Exploits: 0, References: 1