CVE-2002-2341

CVE-2002-2341 affects SonicWALL SOHO3 version 6.3.0.0 and is described as a cross-site scripting (XSS) vulnerability in content blocking. The issue allows remote attackers to inject arbitrary web script or HTML by supplying a specially crafted blocked URL, enabling potential session or credential...

CVE-2002-2337

CVE-2002-2337 affects Kaspersky Anti-Hacker 1.0. When configured to automatically block attacks, the product allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. The provided sources describe the affected product and impact but do not offer concrete rem...

[Full-disclosure] Miranda IM Multiple Buffer Overflow Vulnerabilities

Miranda IM Multiple Buffer Overflow Vulnerabilities Summary Multiple buffer overflow vulnerabilities exist in Miranda IM, a popular open source instant messaging client. Scope These vulnerabilities have been verified in the following Miranda IM versions: 0.6.8 0.7.0 Note: one vulnerability in...

CVE-2007-5640

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager BCM, Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server...

CVE-2002-2234

NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests...

CVE-2002-2234

NetScreen ScreenOS pre-4.0.1 is affected: remote attackers can bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. The available documents confirm the vulnerability and affected version, but do not provide remediation steps or exploit details.

CVE-2004-2733

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to 1 block arbitrary IP addresses via popupipblocking.asp or 2 modify topics via popuptopicadmin.asp...

Multiple vulnerabilities in rFactor 1.250

Luigi Auriemma Application: rFactor http://www.rfactor.net Versions: = 1.250 Platforms: Windows Bugs: A buffer-overflow B "Connection lost" crash C crash/possible code execution D port 34397 blocked Exploitation: remote, versus server Date: 18 Aug 2007 Author: Luigi Auriemma e-mail:...

Information disclosure

The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information...

CVE-2007-3038

The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information...

CVE-2007-3038

The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information...

Security Update for Excel 2003 (KB933666)

A security vulnerability exists in Microsoft Office Excel 2003 that could allow remote code execution. This update resolves that vulnerability. This update also includes changes that enable blocking of specific file formats in Excel 2003...

Netrek format string vulnerability

Format string vulnerability on blocking player with malformed nickname...

Microsoft Windows OLE Dialog内存破坏漏洞（MS07-011）

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows提供的OLE Dialog组件中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时，就可能导致内存破坏，在用户系统上执行任意代码。 成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。要利用此漏洞，需要进行用大量的户交互。 Microsoft Windows XP SP2 Microsoft Windows...

WebRoot SpySweeper protection bypass

Content is blocked only by filename. Multiple archive formats are not supported...

Multiple mobile phones bluetooth DoS

Flood with ussp-push messages causes user interface blocking by multiple download prompt messages...

Microsoft Windows Workstation服务NetpManageIPCConnect远程栈溢出漏洞（MS06-070)

Microsoft Windows是微软发布的非常流行的操作系统。 Windows的Workstation服务组件中存在栈溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 在Workstation服务名为wkssvc.dll的模块中，NetpManageIPCConnect函数以未经检查的缓冲区数据调用了swprintf，而输入缓冲区是远程攻击者可控的。 .text:76781D67 mov edi, ebp+arg0 ... .text:76781D90 lea eax, ebp+var2CC ... .text:76781DA0 push edi .text:76781DA...

mwchat-rfi.txt

MWChat pro V 7.0 Class = Remote File Inclusion URL : http://www.appindex.net/products/download/?product=mwchat&version=7.0 Found by = Mr.3FReeT .. code in :. about.php , buddy.php , chat.php , dialog.php , head.php , help.php , index.php , license.php ..... nearly all :D...

MWChat pro V 7.0 <= (CONFIG[MWCHAT_Libs]) Remote File Include Vulnerability

MWChat pro V 7.0 Class = Remote File Inclusion URL : http://www.appindex.net/products/download/?product=mwchat&version=7.0 Found by = Mr.3FReeT .. code in :. about.php , buddy.php , chat.php , dialog.php , head.php , help.php , index.php , license.php ..... nearly all :D...

Debian DSA-1157-1 : ruby1.8 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1931 It was discovered that the use of...