2483 matches found
Microsoft Windows CE JPEG和GIF图形处理任意代码执行漏洞
BUGTRAQ ID: 29147 Windows CE为微软针对个人电脑以外的计算机产品所研发的嵌入式操作系统。 Windows CE的JPEG图形(GDI+)和GIF图形组件在处理恶意图形文件时存在多个安全漏洞,可能导致在用户系统上执行任意指令。 Microsoft Windows CE 5.0 Microsoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.microsoft.com/technet/security/...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the JPEG GDI+ and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted 1 JPEG and 2 GIF images...
CVE-2008-2160
Multiple unspecified vulnerabilities in the JPEG GDI+ and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted 1 JPEG and 2 GIF images...
CVE-2008-2160
CVE-2008-2160 affects Microsoft Windows CE 5.0, specifically the JPEG (GDI+) and GIF image processing components. The vulnerability allows remote code execution via crafted JPEG/GIF images. The provided documents do not include concrete exploit details or a confirmed remediation; one source notes...
CVE-2008-2160
Multiple unspecified vulnerabilities in the JPEG GDI+ and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted 1 JPEG and 2 GIF images...
Unfixed XSS vulnerability at www.qu-est-ce-que.fr
Security researcher death-angel, has submitted on 04/10/2008 a cross-site-scripting XSS vulnerability affecting www.qu-est-ce-que.fr, which at the time of submission ranked 7623735 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2008. It ...
RAPI Manager Detection
The remote service supports the Remote Applications Programming Interfaces RAPI protocol and is used by the host to manage connections from Windows Mobile / Windows CE devices. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if descripti...
[SECURITY] Fedora 8 Update: synce-gnomevfs-0.11-1.fc8
This is a gnome-vfs module that enables access to the Windows CE or Pocket PC file system through the gnome-vfs functions...
[SECURITY] Fedora 8 Update: libsynce-0.11-2.fc8
The purpose of the SynCE project is to provide a means of communication with a Windows CE device from a computer running Linux, FreeBSD or a similar operating system...
Code injection
ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content...
CVE-2008-0701
ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content...
CVE-2008-0701
ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content...
CVE-2008-0701
CVE-2008-0701 affects Magnolia CE 3.5.x prior to 3.5.4. The ActivationHandler during import does not check permissions, allowing remote attackers to potentially activate a new item and add arbitrary content. This describes a permission-bypass in the import path with unknown exact impact. Remediat...
CORE-2007-1106: SynCE Remote Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies – CoreLabs Advisory http://www.coresecurity.com/corelabs SynCE Remote Command Injection Advisory Information Title: SynCE Remote Command Injection Advisory ID: CORE-2007-1106 Advisory URL:...
SYMSA-2007-012: Microsoft Windows CE IGMP Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2007-012 Advisory Title: Microsoft Windows CE IGMP Denial of Service Author: Ollie Whitehouse / [email protected] Release Date: 22-10-2007...
Microsoft Windows CE Internet Explorer Content-Type远程拒绝服务漏洞
Microsoft Windows CE是为各种嵌入式系统和产品设计的一种压缩的、高效的、可升级的操作系统OS)。 Microsoft Windows CE包含的Internet Explorer存在边界错误,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 当处理包含大型字符串值的Content-Type字段时存在异常错误,可导致InternetExplorer崩溃。 Microsoft Windows CE 6.0 可采用如下升级补丁: http://support.microsoft.com/kb/933679...
Microsoft Windows CE Internet Explorer SSL未明远程拒绝服务漏洞
Microsoft Windows CE是为各种嵌入式系统和产品设计的一种压缩的、高效的、可升级的操作系统OS)。 Microsoft Windows CE包含的Internet Explorer处理SSL通信存在错误,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 在通过SSL访问部分站点时由于WININET.DLL存在问题可导致Internet Explorer出现访问错误而造成拒绝服务攻击。 Microsoft Windows CE 5.0 可采用如下升级补丁: http://support.microsoft.com/kb/837392/...
Windows CE < 5.0 / 6.0 Buffer Overflow
Binary data 4096.prm...
Windows CE < 5.1 Detection
Binary data 4095.prm...
Microsoft Windows CE .NET Compact Framework Components Multiple Vulnerabilities
Description Components of the .NET Compact Framework for Microsoft Windows CE are prone to multiple vulnerabilities. Exploiting these issues may allow remote attackers to cause denial-of-service conditions, corrupt memory, or execute arbitrary machine code in the context of the affected...