5353 matches found
Logitech VideoCall ActiveX Control Buffer Overflow
No description provided by source. $Id: logitechvideocallstart.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Solaris 2.6/7/8 SPARC xlock Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with Solar...
HP Compaq Insight Management Agent 5.0 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8336/info The Compaq Management Agent HTTP server is vulnerable to a format string issue. A remote attacker may be able to exploit this vulnerability in order to execute arbitrary code with Local System privileges. $ prin...
FreeBSD 3.3 gdc Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/834/info There is a buffer overflow vulnerability known to be present in the version of gdc shipped with the 3.3-RELEASE version of FreeBSD. By default, only users in group wheel have execute access to gdc. The overflow...
cfingerd 1.4 Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd Configurable Finger Daemon allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...
Borland Interbase Create-Request Buffer Overflow
No description provided by source. $Id: borlandinterbase.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
CVE-2014-4643
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service application crash and possibly execute arbitrary code via a long string in a reply to a 1 USER, 2 PASS, 3 PASV, 4 SYST, 5 PWD, or 6 CDUP command...
USN-2232-3: OpenSSL regression
USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid DTLS...
Critical: Red Hat Security Advisory: rubygem-openshift-origin-node security update
An updated rubygem-openshift-origin-node package that fixes one security issue and several bugs is now available for Red Hat OpenShift Enterprise 2.1.1. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base...
Cross site request forgery (csrf)
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted setfile request...
CVE-2014-4174
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
Directory traversal
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031...
CVE-2014-4174
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
Stack overflow
Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...
Stack overflow
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request...
openSUSE Security Update : gdk-pixbuf-loader-rsvg (openSUSE-SU-2011:1090-1)
Specially crafted SVG files could make librsvg dereference a function pointer which potentially allows to execute arbitrary code CVE-2011-3146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : v8 / chromium (openSUSE-2011-53)
The Chromium update to version 17.0.945 and v8 update to version 3.7.8.0 resolve serveral bugs as well as a security bug in v8 that could potentially be exploited to execute arbitrary code CVE-2011-3900. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
CVE-2014-3911
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the 1 Start, 2 ChangeControlLocalName, 3 DeleteDeviceProfile, 4 FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control...
CVE-2010-5300
Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long file name in a zip archive...
Design/Logic Flaw
Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...