4151 matches found
Microsoft MSN Messenger Chat Control contains a buffer overflow in "ResDLL" parameter
Overview Microsoft's MSN Chat is an ActiveX control for Microsoft Messenger, an instant messaging client. A buffer overflow exists in the ActiveX control that may permit a remote attacker to execute arbitrary code on the system with the privileges of the current user. Description A buffer overflo...
dH team & SECURITY.NNOV: A variant of "Word Mail Merge" vulnerability
Русская версия этой advisory приведена ниже. Original version of this advisory: http://www.security.nnov.ru/advisories/mailmerge.asp Title: A variant of "Word Mail Merge" vulnerability Authors: ERRor, 3APA3A Date: May, 03 2002 Affected: Office 97, 2000, XP Vendor: Microsoft Risk: Average to high...
Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service
source: https://www.securityfocus.com/bid/4564/info Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential definitions in HTML documents. This occurs when an object of type "text/html" is specified, with the DATA field referencing the...
Проксирование HTTP-запросов через JAVA (unauthorized access)
Через прокси сервер можно получить и отправить любые html-доументы...
Advisory CA-2002-04 Buffer Overflow in Microsoft Internet Explorer
CERT Advisory CA-2002-04 Buffer Overflow in Microsoft Internet Explorer Original release date: February 25, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Microsoft Internet Explorer Microsoft Outlook and Outlook Express...
CVE-2001-1023
CVE-2001-1023 affects Xcache 2.1. Remote attackers can disclose the server’s absolute paths by requesting a URL that Xcache has not cached; the product returns the full pathname in the Content-PageName header. The vulnerability is an information disclosure: partial confidentiality impact. Affecte...
Aladdin eSafe Gateway Filter Bypass - Updated Advisory
29 May 2001 This is the first of 3 sequential advisories we are issuing today regarding Aladdin eSafe Gateway. This advisory replaces our advisory from 16 May 2001. Status --------- The entire content of this advisory was reviewed and acknowledged by Aladdin. The vulnerability reffers to version...
Aladdin eSafe Gateway script filter bypass
Product: eSafe Gateway Vendor: Aladdin Knowledge Systems www.ealaddin.com Vesrsion: 3.0 was tested and found vulnerable, earlier versions might be vulnerable as well. Status: Vendor was informed. Background -------------------- eSafe Gateway 3.0 is an Internet Content Security product. You can...
Проблемы в Compaq Management Software (HTTP proxy)
Web-Сервис установленный на порт 2301 работает как HTTP-прокси при запросе внешнего документа...
CVE-2000-0974
CVE-2000-0974 concerns GnuPG (gpg) 1.0.3 and earlier versions, which fail to properly verify all signatures in a file containing multiple documents. The underlying flaw allows an attacker to modify the contents of all documents after the first without detection, as described in the CVE entry and ...
CVE-2000-0932
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service...
NAV 5.0 and embedded files
Product: Norton Symantec Antivirus Platform: Win32 Versions: 5.0 Problem: Files 'embedded' in Word and Excel documents appear to evade scanning. I have noticed what appears to me to be a disturbing lapse in the scanning procedure of Norton Antivirus 5.0 Win32. I am looking for corroboration and...
CVE-2000-0932
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service...
[SECURITY] New version of tcsh released
Package: tcsh Vulnerability: local exploit Debian-specific: no Proton reported on bugtraq that tcsh did not handle in-here documents correctly. The version of tcsh that is distributed with Debian GNU/Linux 2.2r0 also suffered from this problem. When using in-here documents using the syntax tcsh...
Очередная уязвимость в Internet Explorer (Java Object)
Через OBJECT c CLASSID="JAVA" можно обращаться к локальным документам...
Серьезная дырка в LPR (PostScript shell execution & grog)
При печати PostScript документов выполняются shell-команды содержащиеся в документах, при этом не сбрасывается egid lp, что позволяет получить gid lp, кроме того, в отдельных случаях возможно получить root используя некорректный вызов к программе pic в grog...
Дырка в SiteMinder
С помощью специально сконструированной URL можно получить доступ к закрытым документам, кроме того, можно получить исходные тексты CGI-приложений...
FreeBSD-SA-00:38.zope
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:38 Security Advisory FreeBSD, Inc. Topic: zope port allows remote modification of DTML documents Category: ports Module: zope Announced: 2000-08-14 Credits: Unknown...
Очередная дырка в IE - DHTMLED AttiveX
Элемент ActiveX позволяет редактирование документов, но не проверяет обращение к DOM, что позволяет прочитать любой локальный документ или документ из Intranet - сети...
CVE-2000-0288
Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable...