74 matches found
Hewlett-Packard Virtual User Generator EmulationAdmin Service Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the...
iStArtApp FileXChange 6.2 Command Injection / LFI / File Upload
Document Title: =============== iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1237 Release Date: ============= 2014-03-26 Vulnerability Laboratory ID VL-ID:...
Win32 Codecs: User-assisted execution of arbitrary code
Background Win32 Codecs is a set of Windows audio and video playback codecs. Description A heap-based buffer overflow exists when handling Shockwave Flash files. Impact A remote attacker could entice a user to open a specially crafted Flash file using a package linked against Win32 Codecs, possib...
CVE-2012-3979
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the androidlogprint function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function...
Symantec IM Manager IMAdminLDAPConfig.asp SQL injection
Added: 10/31/2011 CVE: CVE-2011-0553 BID: 49738 OSVDB: 75984 Background Symantec IM Manager is a solution for managing and securing instant-messaging traffic in an enterprise. Problem An SQL injection vulnerability in IMAdminLDAPConfig.asp allows remote, authenticated attackers to execute arbitra...
EUVD-2011-0516
Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD2, as used in Appeon, Replication Server Messaging Edition RSME, and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."...
DNET Live-Stats LFI Vulnerability
Exploit for php platform in category web applications ================================= DNET Live-Stats LFI Vulnerability ================================= Date: 10-04-10 Author: Blake Software Link: http://sourceforge.net/projects/dnetlivestats/files/0.8/dnet-live-stats-0.8-rc8.zip/download...
ProWizard 4 PC 1.62 - Multiple Remote Stack Buffer Overflow Vulnerabilities
ProWizard 4 PC 1.62 - Multiple Remote Stack Buffer Overflow Vulnerabilities // source: https://www.securityfocus.com/bid/26953/info ProWizard 4 PC is prone to multiple stack-based buffer-overflow issues because it fails to perform adequate boundary checks on user-supplied data. Successfully...
USN-524-1: OpenOffice.org vulnerability
An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges...
mono -- "System.CodeDom.Compiler" Insecure Temporary Creation
Sebastian Krahmer reports: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...
GLSA-200503-01 : Qt: Untrusted library search path
The remote host is affected by the vulnerability described in GLSA-200503-01 Qt: Untrusted library search path Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that Qt searches for shared libraries in an untrusted, world-writable directory. Impact : A local attacker could crea...
CVE-2004-0561
Format string vulnerability in the log routine for gopher daemon gopherd 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code...
Microsoft BizTalk Server Multiple Remote Vulnerabilities
The remote host seems to be running Microsoft BizTalk server. There are two flaws in this software that could allow an attacker to issue a SQL insertion attack or to execute arbitrary code on the remote host. Note that Nessus solely relied on the presence of a Biztalk DLL to issue this alert so i...
Libc locale - Local Privilege Escalation (2)
Libc locale - Local Privilege Escalation 2 / source: https://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...