Microsoft Word Malformed Record Value Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

Simple Machines Forum (SMF) 1.1.6 Remote Code Execution Exploit

No description provided by source. ?php Simple Machines Forum SMF 1.1.6 Remote Code Execution Exploit Credits: Charles FOL charlesfolathotmail.fr URL: http://real.olympe-network.com/ Note: other versions are maybe vulnerable, not tested. SMF suffers from multiples vulnerabilities. Combining some ...

CVE-2008-4929

MyBB aka MyBulletinBoard 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames...

Design/Logic Flaw

MyBB aka MyBulletinBoard 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames...

Simple Machines Forum (SMF) 1.1.6 - Code Execution

URL: http://real.olympe-network.com/ Note: other versions are maybe vulnerable, not tested. SMF suffers from multiples vulnerabilities. Combining some of them, we can obtain a remote code execution on the remote host. I won't talk here about all of them, but I'll explain how we can execute code. ...

Adobe Reader and Acrobat util.printf() JavaScript function stack buffer overflow

Overview Adobe Reader and Acrobat contain a stack buffer overflow in the util.printf JavaScript function, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Reader is software designed to view Portable Document Format PDF files...

Simple Machines Forum (SMF) 1.1.6 - Code Execution

Simple Machines Forum SMF 1.1.6 - Code Execution URL: http://real.olympe-network.com/ Note: other versions are maybe vulnerable, not tested. SMF suffers from multiples vulnerabilities. Combining some of them, we can obtain a remote code execution on the remote host. I won't talk here about all of...

Simple Machines Forum (SMF) 1.1.6 Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================== Simple Machines Forum SMF 1.1.6 Code Execution Exploit ======================================================== URL: http://real.olympe-network.com/ Note: other versions are maybe...

Gentoo Security Advisory GLSA 200504-02 (sylpheed)

The remote host is missing updates announced in advisory GLSA 200504-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

FreeBSD Ports: thunderbird

The remote host is missing an update to the system as announced in the referenced advisory. VID da690355-1159-11d9-bc4a-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: emil

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-3745

The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors...

Microsoft Office PICT Filter Parsing Remote Heap Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker could exploit this issue by enticing a victim to open a malicious PICT file. Successfully exploiting this...

Microsoft PowerPoint Picture Index Variant Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

Microsoft Office Malformed Malformed PICT Filter Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PICT file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in...

Microsoft Office Malformed EPS Filter Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious EPS Encapsulated PostScript file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of t...

CVE-2008-3177

Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface SAVI, allows remote attackers to cause a denial of service engine crash via zero-length MIME attachments...