JDK: Unspecified security fixes (July 2013)

The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call...

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

CVE-2013-3132

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka...

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

CVE-2013-3171

CVE-2013-3171 : The.NET Framework serialization path does not properly check permissions of delegate objects, enabling remote code execution via a crafted XBAP or a partial-trust .NET app. Affected products include .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5. The underlying root cause...

MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)

The version of the .NET Framework installed on the remote host is reportedly affected by the following vulnerabilities : - A vulnerability exists in the way that affected components handle specially crafted TrueType font files that could lead to remote code execution. An attacker could leverage...

Microsoft .NET Framework Multiple Vulnerabilities (2861561)

This host is missing an important security update according to Microsoft Bulletin MS13-052. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Google Chrome multiple vulnerabilities - Dec 10(Windows)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulndec10win.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - Dec 10Windows Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networ...

CVE-2010-1898

CVE-2010-1898 is a remote code execution vulnerability in the Microsoft .NET CLR handling delegates to virtual methods, affecting CLR-based apps and Silverlight. The issue enables arbitrary code execution via three attack scenarios: XBAPs (XAML browser applications), ASP.NET pages, or standalone ...

DeleGate DNS Message Decompression Denial of Service Vulnerability

Overview DNS implementation in DeleGate does not handle a compressed DNS packet properly, which could cause an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. For more information on those systems, please refer to NISCC-589088 JVN a...

DeleGate Multiple Buffer Overflow Vulnerabilities

Overview DeleGate suffers buffer overflow when scanf, strncpy and other string handling process are set to fail with a long string sent by proxy. Impact An attacker could execute arbitrary code with the privileges of the user running DeleGate. Solution Please refer to the 'Vendor Information'...

DeleGate SSLway Filter Buffer Overflow Vulnerability

Overview Delegate SSLway Filter contains a buffer overflow vulnerability which stems from lack of memory space to handle SSL certificates. Impact An attacker could execute arbitrary code with the privileges of the user running DeleGate. Solution Please refer to the 'Vendor Information' and...

DeleGate Proxy Server < 9.7.5 Multiple Vulnerabilities

According to its banner, the remote host is running a version of the DeleGate proxy server before 9.7.5. Such versions contain several issues that could result in service disruptions when processing user input or handling malicious traffic. C Tenable Network Security, Inc. include"compat.inc"; if...

Delegate < 9.7.5 Multiple Vulnerabilities

Binary data 4260.prm...

CVE-2005-0036

CVE-2005-0036 affects DeleGate 8.10.2 and earlier. The DNS message decompression mishandles a compressed DNS packet with a label length offset, which could trigger an infinite loop and remote DoS. This is documented in NVD/SUSE/JVN entries; exploitation status and specific remediation/patch detai...

CVE-2005-0036

The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop...

CVE-2006-2072

Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause 1 a buffer over-read or 2 infinite recursion, which can trigger a segmentation fault or invalid memory access, ...

Code injection

Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause 1 a buffer over-read or 2 infinite recursion, which can trigger a segmentation fault or invalid memory access, ...

CVE-2006-2072

Affected software: DeleGate 9.x until 9.0.6 and 8.x until 8.11.6. Vulnerability: remote attacker can cause DoS by processing crafted DNS responses that trigger a buffer over-read or infinite recursion, leading to segmentation fault or invalid memory access (demonstrated by PROTOS DNS tests). Expl...

CVE-2006-2072

Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause 1 a buffer over-read or 2 infinite recursion, which can trigger a segmentation fault or invalid memory access, ...