Wireshark DECT Dissector Stack Buffer Overflow (CVE-2011-1591)

A stack buffer overflow vulnerability has been reported in Wireshark DECT dissector. The vulnerability is caused due to improper bounds checking. A remote attacker can exploit this vulnerability by enticing a user to read a specially crafted packet trace file. Successful exploitation would allow ...

Symantec Products CAB Files Memory Corruption Vulnerability

This host is installed with Symantec Product and is prone to memory corruption vulnerability. OpenVAS Vulnerability Test $Id: gbsymantecprdtscabfilesmemcorrvuln.nasl 6517 2017-07-04 13:34:20Z cfischer $ Symantec Products CAB Files Memory Corruption Vulnerability Authors: Rachana Shetty Copyright:...

Symantec Products CAB Files Memory Corruption Vulnerability

Symantec Product is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MODX CMS 1.x - 2.x Brute Force and Path Disclosure Vulnerabilities - Active Check

MODX CMS is prone to brute force and path disclosure vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NFR Agent Heap Overflow Vulnerability

This module exploits a heap overflow in NFRAgent.exe, a component of Novell File Reporter NFR. The vulnerability occurs when handling requests of name "SRS", where NFRAgent.exe fails to generate a response in a secure way, copying user controlled data into a fixed-length buffer in the heap withou...

Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)

This host is missing a critical security update according to Microsoft Bulletin MS12-074. OpenVAS Vulnerability Test $Id: secpodms12-074.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2745030 Authors: Antu Sanadi Copyright: Copyright c 2012 SecPo...

Opera < 12.10 Multiple Vulnerabilities

Binary data 6618.prm...

APPLE-SA-2012-11-07-1 QuickTime 7.7.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-07-1 QuickTime 7.7.3 QuickTime 7.7.3 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted PICT file may lead to an unexpected application...

Symantec Legacy Decomposer CAB File Issues

SUMMARY Symantec's legacy Decomposer engine fails to proper handle bounds checking when parsing files from some versions of CAB archives. This could result in the probability of an application crash in the majority of cases. A successfully crafted malicious CAB file could potentially result in...

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

FreeBSD : RT -- Multiple Vulnerabilities (4b738d54-2427-11e2-9817-c8600054b392)

BestPractical report : All versions of RT are vulnerable to an email header injection attack. Users with ModifySelf or AdminUser can cause RT to add arbitrary headers or content to outgoing mail. Depending on the scrips that are configured, this may be be leveraged for information leakage or...

java-1_7_0-openjdk: Update to icedtea-2.3.3 (important)

java-170-opendjk was updated to icedtea-2.3.3 bnc785814 Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7158796, CVE-2012-5070: Tighten properties...

Zoho ManageEngine Support Center Plus Multiple Vulnerabilities

This host is running Zoho ManageEngine Support Center Plus and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmanageenginesupportcenterplusmultvuln.nasl 5988 2017-04-20 09:02:29Z teissa $ Zoho ManageEngine Support Center Plus Multiple Vulnerabilities Authors: Antu Sanadi...

Mozilla Thunderbird < 16.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - '' elements can be abused t...

Mozilla Firefox ESR Multiple Vulnerabilities - 01 - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple QuickTime Plugin SetLanguage Buffer Overflow (CVE-2012-0666)

A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient bounds checking when parsing parameters to a certain method inside the QuickTime plugin. A remote attacker can exploit this issue by enticing a target user to open a specially...

GetProperty function can bypass security checks — Mozilla

Mozilla community member Alice White reported that when the GetProperty function is invoked through JSAPI, security checking can be bypassed when getting cross-origin properties. This potentially allowed for arbitrary code execution...

CVE-2012-5197

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."...

CVE-2012-5197

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."...

Code injection

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."...