CVE-2010-1880

Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."...

CVE-2010-1250

Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed 1 EDG 0x88 and 2 Publisher 0x89 records, aka "Excel EDG Memory...

Memory corruption

Dameng DM Database Server allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors related to the SPDELBAKEXPIRED procedure in wdmdll.dll, which triggers memory corruption...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Open Education System OES 0.1 beta allow remote attackers to execute arbitrary PHP code via a URL in the CONFINCLUDEPATH parameter to 1 forum/admin.php and 2 plotgraph/index.php in admin/modules/modules/, and 3 adminuser/modadmuser.php and 4...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfgadminpath parameter to 1 index.php, 2 view.php, 3 image.php, 4 search.php, 5 admin/index.php, 6 admin/gallery/index.php, 7 admin/gallery/view.php, 8...

CVE-2010-1938

Off-by-one error in the opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long username, as...

Mandriva Update for postgresql MDVSA-2010:103 (postgresql)

Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDVSA-2010:103 postgresql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CVE-2010-1938

Off-by-one error in the opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long username, as...

CVE-2009-4873

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service server crash or execute arbitrary code via a long Session cookie...

CVE-2009-4873

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service server crash or execute arbitrary code via a long Session cookie...

Buffer overflow

Buffer overflow in k23productions TFTPUtil GUI aka TFTPGUI 1.4.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long transport mode...

Format string

Format string vulnerability in the msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.3109 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 action.class.php, 2 architecte.class.php, 3 avis.class.php, 4 bible.class.php, and 5...

CVE-2010-1286

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291...

Memory corruption

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291...

CVE-2010-1284

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291...

CVE-2010-0986

Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted Shockwave file...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 categorie.class.php, 2 profil.class.php, 3 collectivite.class.php, 4 ressource.class.php...

CVE-2010-1934

Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 categorie.class.php, 2 profil.class.php, 3 collectivite.class.php, 4 ressource.class.php...

CVE-2010-1909

Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to execute arbitrary code via vectors involving "CreateProcess params." NOTE: some of these details are obtained...