Lucene search
K

5125 matches found

CERT
CERT
added 2007/11/14 12:0 a.m.36 views

Apple Mac OS X CoreText uninitialized pointer vulnerability

Overview Apple Mac OS X CoreText contains an uninitialized pointer vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Mac OS X CoreText is a framework for handling text on Mac OS X Tiger 10.4 and later. Mac OS X...

6.8CVSS7.8AI score0.03207EPSS
Exploits1References2
Saint
Saint
added 2007/10/19 12:0 a.m.38 views

Windows IE7 URI Handler command execution through Firefox

Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...

9.3CVSS6.2AI score0.53831EPSS
Exploits7
Positive Technologies
Positive Technologies
added 2007/10/11 12:0 a.m.4 views

PT-2007-6420 · Viart · Viart Shopping Cart

Name of the Vulnerable Software and Affected Versions: ViArt Shopping Cart affected versions not specified Description: The issue concerns a directory traversal vulnerability in the iDEAL transaction handler, specifically in the payments/ideal process.php file. This vulnerability allows remote...

10CVSS6.7AI score0.02381EPSS
Exploits0References6
CERT
CERT
added 2007/10/08 12:0 a.m.24 views

Electronic Arts SnoopyCtrl ActiveX control and plug-in stack buffer overflows

Overview The Electronic Arts SnoopyCtrl ActiveX control and plug-in contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Electronic Arts EA.com provides an ActiveX control and Netscape-style...

6.8CVSS7.3AI score0.3089EPSS
Exploits3References4
seebug.org
seebug.org
added 2007/09/24 12:0 a.m.17 views

EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit

No description provided by source. !-- rgodemmsgprnheap.html EasyMail MessagePrinter Object emprint.DLL 6.0.1.0 remote heap overflow exploit ie6 / xp sp2 Mr Dormann, this should integrate this :D : http://www.kb.cert.org/vuls/id/281977 retrieved from postcast srvr, dunno other software...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/09/23 12:0 a.m.26 views

EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit

Exploit for unknown platform in category remote exploits ================================================================ EasyMail MessagePrinter Object emprint.DLL 6.0.1.0 BOF Exploit ================================================================ pwnin'... //add su one, user: sun pass: tzu...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/09/13 12:0 a.m.53 views

Oracle Jinitiator 1.1.8 Vulnerabilities CVE-2007-4467 - Additional Information

US-CERT released an advisory on August 28, 2007 regarding multiple stack buffer overflows in the Oracle Jinitiator product Vulnerability Note VU474433/CVE-2007-4467. Due to limited public technical information on Jinitiator, no access to the Oracle support website, and maybe lack of cooperation...

9.3CVSS0.7AI score0.21066EPSS
Exploits1
CERT
CERT
added 2007/09/12 12:0 a.m.45 views

Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow

Overview The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Callisto PhotoParade Player includes an ActiveX control called PhPinfo. The ActiveX control...

9.3CVSS7AI score0.06506EPSS
Exploits0References2
CERT
CERT
added 2007/09/06 12:0 a.m.41 views

Earth Resource Mapping NCSView ActiveX control stack buffer overflows

Overview The Earth Resource Mapping NCSView ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Earth Resource Mapping NCSView ActiveX control, which is provided by...

9.3CVSS7.3AI score0.06628EPSS
Exploits0References4
CERT
CERT
added 2007/09/05 12:0 a.m.27 views

Broderbund Expressit 3DGreetings Player ActiveX control buffer overflows

Overview The Broderbund Expressit 3DGreetings Player ActiveX control contains multiple buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The 3DGreetings Player is an ActiveX control that displays 3D greeting cards...

9.3CVSS7AI score0.06628EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/08/14 12:0 a.m.94 views

CVE-2007-3385: Handling of \" in cookies

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-3385: Handling of " in cookies Severity: Low Session Hi-jacking Vendor: The Apache Software Foundation Versions Affected: 6.0.0 to 6.0.13 5.5.0 to 5.5.24 5.0.0 to 5.0.30 4.1.0 to 4.1.36 3.3 to 3.3.2 Description: Tomcat incorrectly handles the...

4.3CVSS0.16944EPSS
Exploits4
CERT
CERT
added 2007/08/14 12:0 a.m.27 views

IBM and Lenovo Access Support acpRunner ActiveX control fails to restrict access to methods

Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes severa...

5.8CVSS6.7AI score0.0258EPSS
Exploits1References4
CERT
CERT
added 2007/08/14 12:0 a.m.27 views

IBM and Lenovo Access Support acpRunner ActiveX control format string vulnerability

Overview The IBM Lenovo Access Support acpRunner ActiveX control contains a format string vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...

5.8CVSS6.7AI score0.0457EPSS
Exploits1References4
CERT
CERT
added 2007/08/14 12:0 a.m.34 views

IBM and Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures

Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...

5.8CVSS6.8AI score0.0264EPSS
Exploits1References4
CERT
CERT
added 2007/08/14 12:0 a.m.32 views

Motive Communications ActiveUtils EmailData ActiveX control stack buffer overflows

Overview The Motive Communications ActiveUtils EmailData ActiveX control contains multiple stack buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description Motive Communications ActiveUtils is a software package used by multiple ISPs to provide...

6.8CVSS7.2AI score0.05576EPSS
Exploits0References3
CERT
CERT
added 2007/08/13 12:0 a.m.29 views

InterActual Player IAKey ActiveX control stack buffer overflow

Overview The InterActual Player IAKey ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

9.3CVSS7.2AI score0.0818EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/08/03 12:0 a.m.97 views

CVE-2007-3384: XSS in Tomcat cookies example

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-3384: XSS in Tomcat cookies example Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 3.3 to 3.3.2 Description: When reporting error messages, Tomcat does not filter user supplied data before display...

4.3CVSS0.03175EPSS
Exploits1
securityvulns
securityvulns
added 2007/08/01 12:0 a.m.93 views

Mozilla Foundation Security Advisory 2007-27

Mozilla Foundation Security Advisory 2007-27 Title: Unescaped URIs passed to external programs Impact: Critical Announced: July 30, 2007 Reporter: Jesper Johansson Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.6 Thunderbird 2.0.0.6 Thunderbird 1.5.0.13 SeaMonkey 1.1.4...

9.3CVSS0.6AI score0.05699EPSS
Exploits0
securityvulns
securityvulns
added 2007/07/23 12:0 a.m.109 views

CVE-2007-3383: XSS in Tomcat send mail example

CVE-2007-3383: XSS in Tomcat send mail example Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 4.0.0 to 4.0.6 4.1.0 to 4.1.36 Description: When reporting error messages, the SendMailServlet does not filter user supplied data before display. This enable...

4.3CVSS5.3AI score0.09479EPSS
Exploits0
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.110 views

US-CERT Technical Cyber Security Alert TA07-199A -- Mozilla Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-199A Mozilla Updates for Multiple Vulnerabilities Original release date: July 18, 2007 Last revised: -- Source: US-CERT Systems Affected Mozilla Firefox Mozilla Thunderbird Other products...

0.5AI score
Exploits0
Rows per page
Query Builder