182 matches found
PT-2022-3252 · Python +11 · Python +11
Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.10.8 Python versions 3.7, 3.8, 3.9 Description: The issue is related to insufficient argument validation in the mailcap module of the Python interpreter. This may allow a remote attacker to inject shell commands int...
Comodo Firewall 2.3.6 CMDMon.SYS Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22357/info Comodo Firewall is prone to multiple denial-of-service vulnerabilities because it fails to adequately validate user supplied data. Exploiting these issues may permit attackers to cause system crashes and deny...
Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability
The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR...
Java Deployment Toolkit insufficient argument validation
Overview The Sun Java Deployment Toolkit plugin and ActiveX control perform insufficient argument validation, allowing an attacker to perform several attacks, including the execution of an arbitrary JAR file. Description The Sun Java Deployment Toolkit contains an NPAPI Netscape compatible plugin...
PT-2009-3691 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the Windows kernel's failure to properly validate an argument passed to a system call, allowing local users to gain privileges via a crafted application...
PT-2009-4932 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8 Description: The issue arises from improper argument validation for unspecified variables, allowing remote attackers to execute arbitrary code via a crafted HTML document. This...
Internet Explorer HTML Component Handling Remote Code Execution (MS09-054; CVE-2009-2529)
Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability exists in the way that Internet Explorer handles argument validation of a variant in specific situations. The vulnerability occurs when Internet Explorer validates arguments incorrectly und...
CVE-2008-2259
Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability."...
Internet Explorer print preview argument validation vulnerability
Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...
Internet Explorer print preview argument validation vulnerability
Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...
KON2 Buffer Overflow Vulnerability in Command Argument Validation
Overview KON Kanji ON Linux console, provided by Linux Japan RPM Project, contains a buffer overflow vulnerability due to improper validation of command line arguments. Impact An attacker could execute arbitrary command with the root privileges. Solution Please refer to the 'Vendor Information'...
Debian: Security Advisory (DSA-1543-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1543-1 : vlc - several vulnerabilities
Luigi Auriemma, Alin Rad Pop, Remi Denis-Courmont, Quovodis, Guido Landi, Felipe Manzano, Anibal Sacco and others discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker...
DSA-1543-1 vlc - several vulnerabilities
Bulletin has no description...
KLA10412 ACE vulnerability in ZoneAlarm
A lack of argument validation was found in ZoneAlarm. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited locally via specially designed arguments. Original advisories - Related products ZoneAlarm-Pro...
ZoneAlarm 6.1.744.0016.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
ZoneAlarm 6.1.744.0016.5.737.000 - Vsdatant.SYS Driver Local Denial of Service // source: https://www.securityfocus.com/bid/23494/info ZoneAlarm is prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'vsdatant.sys' driver. A loc...
Symantec (Multiple Products) - SPBBCDrv Driver Local Denial of Service
Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service // source: https://www.securityfocus.com/bid/23241/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'SPBBCDrv.sys' drive...
Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service
// source: https://www.securityfocus.com/bid/23241/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'SPBBCDrv.sys' driver. A local attacker may exploit this issue to crash affected computer...
Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability
Hello, We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0. Description: Outpost Firewall PRO hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode. User calls to NtAssignProcessToJobObject, NtCreateKey,...
Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability
Hello, I would like to inform you about a vulnerability in Sunbelt Kerio Personal Firewall. Description: Sunbelt Kerio Personal Firewall hooks many functions in SSDT and in at least six cases it fails to validate arguments that come from user mode. User calls to NtCreateFile, NtDeleteFile,...