Microsoft Excel fails to properly process malformed STYLE records

Overview Microsoft Excel contains a vulnerability in the handling of malformed STYLE records, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains a vulnerability that could be exploited when Excel opens a...

Microsoft PowerPoint fails to properly handle malformed records

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed records, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint opens...

Hacking quest dove gray is not on-line analysis summary-vulnerability warning-the black bar safety net

Not automatically on-line of reason: 1. You do not have public IP or you are within the network did not do the appropriate port mapping; 2. You opened the firewall closes the Dove gray to use to the port; 3. You do not have to update the IP to your domain name; 4. Your service-side configuration...

TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability

TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-05.html August 7, 2006 -- CVE ID: CVE-2006-3976 CVE-2006-3977 -- Affected Vendor: Computer Associates -- Affected Products: eTrust AntiVir...

CVE-2006-3457

Symantec On-Demand Agent SODA before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection SODP before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow local users to read sensitive data via an...

DSA-1143-1 dhcp - programming error

Bulletin has no description...

Apple Mac OS X Bom vulnerable to memory corruption via specially crafted ZIP file

Overview A memory corruption vulnerability in the Mac OS X Bom could allow a remote attacker to execute arbitrary code on an affected system. Description Apple's Bom is the archive file handler in the Mac OS X operating system. It features the ability to handle file archives in a number of...

How to access blocked sites-bug warning-the black bar safety net

The following methods can also access other blocked website,, so please privately transmitted, is after all public, the more the more dangerous, after providing these services the site also been blocked, the more harm than good. 1, recommended method: use the P2P CDN network access Coral is a P2P...

CVE-2006-3324

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine ioquake3 before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory fshomepath cvar via a long string of filenames, as contained in the neededpaks buffer...

DEBIAN-CVE-2006-3324

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine ioquake3 before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory fshomepath cvar via a long string of filenames, as contained in the neededpaks buffer...

CVE-2006-3324

The CVE-2006-3324 entry describes a remote arbitrary-file overwrite vulnerability in the id3 Quake 3 Engine and ioquake3 (ioquake3) before revision 804, exploitable via the Automatic Downloading option by sending a long string of filenames contained in the neededpaks buffer. The underlying issue ...

CVE-2006-3324

The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine ioquake3 before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory fshomepath cvar via a long string of filenames, as contained in the neededpaks buffer...

Win XP how to automatically terminate the Blackice firewall-vulnerability warning-the black bar safety net

Currently using Blackice firewall a lot of friends, it is a powerful, easy to use and durable, it is home protection, settle down essential firewall! In using the Blackice Firewall the process there is an interesting little find, here to share with you about discussion. This fun little discovery...

Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)

Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com http://www.icculus.org/quake3/ Versions: Quake 3 = 1.32c Icculus.org Quake 3 = revision 803 other derived projects Games: exist many games which use the Quake 3 engine and probably they are all vulnerable but I'm not able and ha...

[SA19589] Debian mnogosearch Insecure Password Storage Security Issue

TITLE: Debian mnogosearch Insecure Password Storage Security Issue SECUNIA ADVISORY ID: SA19589 VERIFY ADVISORY: http://secunia.com/advisories/19589/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux 3.1...

Safari archive metadata command execution

Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...

Safari archive metadata command execution

Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...

Safari archive metadata command execution

Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...

Ubuntu 4.10 / 5.04 / 5.10 : fetchmail vulnerability (USN-233-1)

Steve Fosdick discovered a remote Denial of Service vulnerability in fetchmail. When using fetchmail in 'multidrop' mode, a malicious email server could cause a crash by sending an email without any headers. Since fetchmail is commonly called automatically with cron, for example, this crash could...

Ubuntu 4.10 / 5.04 / 5.10 : cpio vulnerability (USN-234-1)

Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e. g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could...