CVE-2010-2125
Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit any rotor item" privileges, to inject arbitrary web script or HTML via the (1) srs, (2) title, or (3) alt...
Google Chrome 'IFRAME' Denial Of Service Vulnerability
This host is installed with Google Chrome and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromeiframedosvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome 'IFRAME' Denial Of Service Vulnerability Authors: Antu Sanadi Updated By: Madhuri D on...
Code injection
The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030...
CVE-2010-0603
The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030...
ReGet Deluxe .wjr file SaveTo attribute buffer overflow
Added: 05/14/2010 BID: 37511 Background ReGet Deluxe is a download manager for Windows. Problem A buffer overflow vulnerability allows command execution when a user opens a .wjr file containing a Download tag with a specially crafted SaveTo attribute. Resolution Do not open untrusted .wjr files...
CVE-2010-1481
Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute...
ESET Smart Security 4.2 / NOD32 Antivirus 4.2 (x32-x64) LZH parsing PoC
Exploit for windows platform in category dos / poc. ESET Smart Security 4.2 / NOD32 Antivirus 4.2 x32-x64 LZH parsing PoC. ESET Smart Security 4.2 and NOD3...
CVE-2010-0254
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability."...
Memory corruption
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability."...
CVE-2010-0254
CVE-2010-0254 is a Visio memory‑corruption vulnerability in Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1/SP2. The flaw arises from improper validation of Visio file attributes, allowing a remote attacker to execute arbitrary code by opening a crafted Visio file. The issue is part of a ...
Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Visio is prone to a remote code-execution vulnerability. This issue arises when the application processes a malicious file. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...
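Mozilla Firefox Browser Image src Tag Launches External Mail Client Vulnerability
CVE(CAN) ID: CVE-2010-0181 Firefox is a popular open-source web browser. If the SRC attribute of an IMG element in a web page is set to a redirect to a mailto: URL, Firefox loads the external mail client program when it opens such a page. Although this does not pose a security threat, launching too many applications is also a denial-of-service condition. Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla SeaMonkey 2.0.4 Vendor patch: Mozilla. The vendor has released an upgrade patch to fix this security issue; download it from the vendor's homepage: http://www.mozilla.org/...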
TCPDF 4.5.0364.9.5 - params Attribute Remote Code Execution
TCPDF 4.5.0364.9.5 - params Attribute Remote Code Execution source: https://www.securityfocus.com/bid/39315/info TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute...
Microsoft Internet Explorer Unspecified vulnerability
This host is installed with Microsoft Internet Explorer and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbmsieunspecifiedvuln.nasl 5656 2017-03-21 11:03:12Z cfi $ Microsoft Internet Explorer Unspecified vulnerability Authors: Madhuri D Copyright: Copyright (c) 2010...
CVE-2010-1227
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...
OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerability."...