6673 matches found
SMTP Server Inbound .exe Attachment Detection
Binary data 1173.prm...
Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun
source: https://www.securityfocus.com/bid/10915/info It is reported that BlackICE PC Protection is prone to a local buffer overrun when handling excessive input in certain configuration directives parsed from the firewall.ini file included with the software. It is reported that when the system is...
CVE-2004-0213
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context...
Mandrake Linux Security Advisory : gnupg (MDKSA-2001:053-1)
A format string vulnerability exists in gnupg 1.0.5 and previous versions which is fixed in 1.0.6. This vulnerability can be used to invoke shell commands with privileges of the currently logged-in user. Update : The /usr/bin/gpg executable was installed setuid root and setgid root. While being...
Norton AntiVirus DoS
Programs hangs with 100 on malcrafted executable file...
UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit
Exploit for unix platform in category local exploits ========================================================= UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit ========================================================= / Exploit for /bin/mkdir Unix V7 PDP-11. mkdir has a buffer overflow...
vpasp5x.txt
VP-ASP Shopping Cart Multiple Vulnerabilities Release Date: June 14, 2004 Severity: High Vendor: Virtual Programming Software: VP-ASP Shopping Cart Version 5.x Remote: Remotely executable Vulnerabilities: Cross Site Scripting SQL Injection Technical Details: Cross Site Scripting Vulnerability was...
IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method
IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods...
IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method
source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result i...
[Full-Disclosure] VP-ASP Shopping Cart Multiple Vulnerabilities
VP-ASP Shopping Cart Multiple Vulnerabilities Release Date: June 14, 2004 Severity: High Vendor: Virtual Programming Software: VP-ASP Shopping Cart Version 5.x Remote: Remotely executable Vulnerabilities: Cross Site Scripting SQL Injection Technical Details: Cross Site Scripting Vulnerability was...
CVE-2004-0503
Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format RTF message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to...
IBM EGatherer 2.0 - ActiveX Control Dangerous Method
IBM EGatherer 2.0 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10562/info It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods ma...
IBM EGatherer 2.0 - ActiveX Control Dangerous Method
source: https://www.securityfocus.com/bid/10562/info It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result i...
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass source: https://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI handler. It is possible to use this...
Self-Executing FOLDERS: Windows XP Explorer Part V
Sunday, January 25, 2004 The following file is a 'folder' comprising both scripting and an executable .exe. We inject scripting and an executable into the 'folder' which is designed to point back to the executable in the 'folder' and execute it. Provided the 'folder' is an html file, Windows XP...
vbox3 privilege escalation
Elevated privileges are not dropped on external executable call...
Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service
Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service // source: https://www.securityfocus.com/bid/9379/info KpyM Telnet Server has been reported to be prone to a remote denial of service vulnerability. Due to a lack of resource limitations, a remote attacker may negotiate multiple...
SGDynamo sgdynamo.exe HTNAME XSS
The remote host is running the CGI 'sgdynamo.exe'. There is a bug in some versions of this CGI which makes it vulnerable to a cross-site scripting attack. %NASLMINLEVEL 70300 This script written by Scott Shebby 12/2003 See the Nessus Scripts License for details Changes by Tenable: - Revised...
CVE-2003-0936
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe...