CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

CVE-2009-1976

Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

CVE-2009-1976

Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

CVE-2009-1976

CVE-2009-1976 is an Oracle Application Server HTTP Server vulnerability. The connected CPU advisory (July 2009) fixes multiple vulnerabilities, including CVE-2009-1976, in Oracle Application Server 10g Release 2 (10.1.2.x) with affected build 10.1.2.3.0. The CVSS base score shown in the risk matr...

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

Oracle将发布2009 7月重要补丁更新修复多个安全漏洞

Bugraq ID: 35618 Oracle Database是一款商业性质大型数据库系统。 racle发布了2009年7月的紧急补丁更新公告，补丁修复了跨越100多个Oracle产品中33个安全漏洞，受影响的软件包括如下： Oracle Database Oracle Application Server Oracle Identity Management Oracle E-Business Suite Release Oracle Enterprise Manager Database Control Oracle Enterprise Manager Grid Control...

CVE-2009-0904

The CVE-2009-0904 issue affects IBM WebSphere Application Server 6.1 before 6.1.0.25, specifically the Stax XMLStreamWriter in the Web Services component. The root cause is improper XML encoding handling, which can allow remote attackers to bypass access controls and potentially modify data via X...

CVE-2009-0903

IBM WebSphere Application Server WAS 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remot...

CVE-2009-0903

The CVE affects IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.3 and the Web Services Feature Pack for WAS 6.1 prior to 6.1.0.25. When a WS-Security policy is set at the operation level, inbound requests that lack a SOAPAction or WS-Addressing Action are not handled correctly, enabling...

IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 25 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - An error in Single Sign-on SSO with SPNEGO implementation could allow a remote...

Microsoft Internet Explorer 'onreadystatechange' Corrupt Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...

Microsoft Active Directory Memory Leak Denial Of Service Vulnerability

Description Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging Application Server MM 1.1 Avaya Messaging...

Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Microsoft Internet Explorer Malformed Row Property Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...

Microsoft Internet Explorer 'setCapture()' Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...

Microsoft Windows Print Spooler Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service. A remote authenticated attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers...

Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...