Heap overflow

Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434...

Apple Releases Safari 5.1 and 5.0.6

Apple has released Safari 5.1 and 5.0.6 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site scripting attack, or disclose sensitive information. US-CERT encourages users and administrators to review Apple Support Article...

Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...

CVE-2011-2098

CVE-2011-2098 affects Adobe Reader and Acrobat on Windows and macOS, with the vulnerability stemming from memory corruption in multiple versions. Specifically, affected are Adobe Reader/Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1; exploitation could lead to arbitrary code execu...

Google Chrome Releases 12.0.742.91

Google has released Chrome 12.0.742.91 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...

FestOS <= 2.3c TinyBrowser File Upload Code Execution

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

OPEN IT OverLook 'title.php' Cross Site Scripting Vulnerability

This host is running OverLook and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodoverlookxssvuln.nasl 5668 2017-03-21 14:16:34Z cfi $ OPEN IT OverLook 'title.php' Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

Design/Logic Flaw

The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and...

UBUNTU-CVE-2011-0129

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in...

UBUNTU-CVE-2011-0139

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in...

CVE-2011-0346

Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the DOM implementation and the BreakAASpecial and...

CVE-2010-0114

fwcharts.php in the reporting module in the Manager aka SEPM component in Symantec Endpoint Protection SEP 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request...

CVE-2010-1676

Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via unspecified vectors...

Exim alternate configuration privilege escalation vulnerability

Overview A vulnerability in the way that the Exim mail server handles configuration files may allow a local attacker to gain escalated privileges on an affected system. Description Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to t...

Ubuntu: Security Advisory (USN-1015-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for libxml2 vulnerability USN-1016-1

Ubuntu Update for Linux kernel vulnerabilities USN-1016-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10161.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libxml2 vulnerability USN-1016-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : libxml2 vulnerability (USN-1016-1)

Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. Note that Tenable Network...

FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability

No description provided by source. / Source: http://www.securityfocus.com/bid/43060/info 18.08.2010, babcia padlina FreeBSD 7.0 - 7.2 pseudofs null ptr dereference exploit to obtain SYSENT8SYCALLADDR, run: $ kgdb /boot/kernel/kernel kgdb print &sysent8.sycall / define SYSENT8SYCALLADDR 0xc0c4afa4...

CVE-2010-3069

Stack-based buffer overflow in the 1 sidparse and 2 domsidparse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Windows Security ID SID on a file share...

CVE-2010-2213

Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216...