VulnCheck KEV: CVE-2012-1854
Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution...
Microsoft Visual Basic for Applications Insecure Library Loading (MS12-046; CVE-2012-1854)
A remote code execution vulnerability has been reported in Microsoft Visual Basic for Applications (VBA)...
MS12-046: Vulnerability in Visual Basic for Applications could allow remote code execution: July 10, 2012
Describes the security update that fixes vulnerabilities in Visual Basic for Applications that could allow remote code execution, and that was released on June 12, 2012. INTRODUCTION: Microsoft has released security bulletin MS12-046. To view the complete security bulletin, go to one of the following Microso...
SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass
Authentication Bypass and Password disclosure. SoftPerfect Bandwidth Manager Authentication Bypass Date: 22-June-2012 Author: Gitsnik http://dracyrys.com/softperfect Vendor Homepage: http://www.softperfect.com/ Software Link:...
SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass
Authentication Bypass and Password disclosure. SoftPerfect Bandwidth Manager Authentication Bypass Date: 22-June-2012 Author: Gitsnik http://dracyrys.com/softperfect Vendor Homepage: http://www.softperfect.com/ Software Link: http://www.softperfect.com/products/bandwidth/ Version: 2.9.10 probably...
LinkedIn Confirms Millions of Account Passwords Hacked
LinkedIn Wednesday confirmed that at least some passwords compromised in a major security breach correspond to LinkedIn accounts. Norwegian IT website Dagens IT first reported the breach, noting that "Two days ago a package on the 6.5 million...
Microsoft's April Security Update : Patch MS12-027 Now !
This month Microsoft released a total of six new security bulletins, but one in particular deals with a zero-day vulnerability impacting virtually every Microsoft user, which is already being exploited in the wild. Four of the six security bulletins are rated as Critical by Microsoft, with the...
MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
A memory corruption issue exists in Windows common controls, specifically within the MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, and MSCOMCTL.ListView controls component of MSCOMCTL.OCX, due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can...
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
This host is missing a critical security update according to Microsoft Bulletin MS12-027. SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-0158
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
MS12-027: Description of the security update for Visual Basic 6: April 10, 2012
Describes the security update for Visual Basic 6 that was released on April 10, 2012. INTRODUCTION: Microsoft has released security bulletin MS12-027. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
PT-2012-1210
Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components version SP3; SQL Server versions 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server version 2002 SP1; Commerce Server versions 2002...
XSS and Brute Force vulnerabilities in WordPress
Hello 3APA3A! I am informing you about Cross-Site Scripting and Brute Force vulnerabilities in WordPress. XSS WASC-08: In 2007 I wrote about redirectors http://websecurity.com.ua/1152/ in WordPress http://websecurity.com.ua/1179/, for which I released a patch in MustLive Security Pack v.1.0.5...
boost regular expression NULL dereference flaw
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression...
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php' Crafted Arbitrary File Upload / Arbitrary Code Execution
source: https://www.securityfocus.com/bid/51979/info BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to gain unauthorized access, obtain potentially sensitive information, or execute arbitrary script code in t...
jetVideo 8.0.2 Denial of Service
Exploit for windows platform in category dos / poc Exploit Title: jetVideo Crash Exploit Author: Senator of Pirates Email : email protected Software Link: http://www.jetaudio.com/download/jetvideo.html Version: 8.0.2 Basic Tested on: Windows XP PS3 En header = "http://" junk = "A" 20000 payload =...
CVE-2012-1017
Multiple SQL injection vulnerabilities in base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote attackers to execute arbitrary SQL commands via the (1) ipaddr01, (2) ipaddr02, or (3) ipaddr09 parameters...
SSL Certificate Chain Analysis
This plugin examines the chain of X.509 certificates used by this service. TRUSTED...
OpenSSL 0.9.6 CA Basic Constraints Validation Vulnerability
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7. Such versions do not verify the Basic Constraint for some certificates. A remote attacker could perform a man-in-the-middle attack. Details on this weakness are missing. It is related to...