166 matches found
CVE-2012-6359
IBM TFIM and TFIMBG are affected by CVE-2012-6359: versions 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 do not verify that OpenID attributes are signed in SREG/AX, allowing unsigned attributes to be inserted and potentially spoofed by an attacker. The issue can be exploi...
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : tomcat6 vulnerabilities (USN-1252-1)
It was discovered that Tomcat incorrectly implemented HTTP DIGEST authentication. An attacker could use this flaw to perform a variety of authentication attacks. CVE-2011-1184 Polina Genova discovered that Tomcat incorrectly created log entries with passwords when encountering errors during JMX...
CVE-2010-0254
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability."...
Memory corruption
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability."...
CVE-2010-0254
CVE-2010-0254 is a Visio memory‑corruption vulnerability in Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1/SP2. The flaw arises from improper validation of Visio file attributes, allowing a remote attacker to execute arbitrary code by opening a crafted Visio file. The issue is part of a ...
Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Visio is prone to a remote code-execution vulnerability. This issue arises when the application processes a malicious file. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...