Microsoft Word Record RTF Parsing Engine Remote Heap Buffer Overflow Vulnerability

Description Microsoft Word is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed...

Microsoft Word 'sprmCMajority' Record Parsing Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

seamonkey/thunderbird: crash when indexing certain messages with attachments

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted message,...

Critical: Red Hat Security Advisory: seamonkey security update

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

phpBazar 2.1.1 Remote File Inclusion

Title: phpBazar V2.1.1 stable rfi Vulnerability Author: Sid3^effects Published: 2010-06-03 Verison: 2.1.1 stable vendor: SmartISoft ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 888 888. .8888. .8' 888 888 888 .8'888. .8' 888 888 888.8' 888.8' 888 88b ooo 888' 888' o888o...

phpBazar 2.1.1 stable - Remote File Inclusion

phpBazar 2.1.1 stable - Remote File Inclusion Title: phpBazar V2.1.1 stable rfi Vulnerability Author: Sid3^effects Published: 2010-06-03 Verison: 2.1.1 stable vendor: SmartISoft ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 888 888. .8888. .8' 888 888 888 .8'888. .8' 888 888...

VulnCheck KEV: CVE-2010-1165

Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the 1 attachment aka attachments, 2 index aka indexing, or 3 backup path and then uploading a file, as exploited in the wild in April 2010...

Microsoft Publisher File Conversion Textbox Remote Buffer Overflow Vulnerability

Description Microsoft Publisher is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious Publisher file. Successfully exploiting this issue would allow an attacker to execute arbitrary code in the context of the currently...

Mozilla Products Denial Of Service Vulnerability (Windows)

The host is installed with Thunderbird/Seamonkey and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsdosvulnwinmar10.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Denial Of Service Vulnerability Windows Authors: Antu Sanadi Copyright:...

Copyright Infringement Lawsuit Email Scam

US-CERT is aware of public reports of an active email scam. These emails, which appear to come from seemingly legitimate law firms, indicate that someone has filed a copyright lawsuit against the message recipient. The messages may contain malicious attachments or web links. If a user opens the...

Code injection

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted message,...

seamonkey/thunderbird: crash when indexing certain messages with attachments

No description is available for this CVE...

seamonkey/thunderbird: crash when indexing certain messages with attachments

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted message,...

Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload

Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload Exploit Title: Multiple File Attachments Mail Form Pro v2 - WebShell upload Date: 16/02/2010 Author: EgoPL Mail: [email protected] Software Link: http://activeden.net/item/multiple-file-attachments-mail-form-prov2/31262 17$ but It...

Multiple File Attachments Mail Form Pro v2 - WebShell upload

Exploit for unknown platform in category web applications ============================================================ Multiple File Attachments Mail Form Pro v2 - WebShell upload ============================================================ Exploit Title: Multiple File Attachments Mail Form Pro v...

Mail Form Pro 2 Shell Upload

Exploit Title: Multiple File Attachments Mail Form Pro v2 - WebShell upload Date: 16/02/2010 Author: EgoPL Mail: [email protected] Software Link: http://activeden.net/item/multiple-file-attachments-mail-form-prov2/31262 Version: Pro V2 Tested on: Arch Linux + Apache but it's OS independent. Exploi...

Microsoft PowerPoint 'OEPlaceholderAtom' Record Invalid Index Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently...

Microsoft PowerPoint File Path Handling Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently logged-in user...

Microsoft Office 'OfficeArtSpgr' Container Pointer Overwrite Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently logged-in user...

I Have Only One Security Prediction for 2010

Instead of the usual top ten lists that are all-too-common with predictions for the new year, I have just one: 2010 will be the year of desktop applications handling untrusted data in sandboxed processes, and it will be about time. Since the release of Windows XP SP2, there have been significantl...