Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...

MSCOMCTL.OCX Killbit: bdd1f04b-858b-11d1-b16a-00c0f0283628 (MS12-027; CVE-2012-0158)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in an ActiveX control. To trigger this issue, an attacker can create a malicious web page that initiates the vulnerable ActiveX control. Successful exploitation of this...

Vulnerability in Google Earth Software exposed by longrifle0x

Vulnerability in Google Earth Software exposed by longrifle0x Ucha Gobejishvili, Security researcher also known as Longrifle0x, found another Interesting Security issue in one of the most famous software called, Google Earth. He found a critical code execution vulnerability on google earth softwa...

Executable File Embedded in JPEG File Vulnerabilities

An arbitrary file execution vulnerability has been reported in JPEG files...

Microsoft Expression Design Insecure Library Loading (MS12-022; CVE-2012-0016)

A remote code execution vulnerability has been reported in Microsoft Expression Design...

PT-2012-3148 · Dolibarr · Dolibarr Cms

Name of the Vulnerable Software and Affected Versions: Dolibarr CMS versions 3.2.0 Alpha and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the memberslist parameter in list.php or the rowid parameter in...

Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution

The version of Scientific Toolworks Understand installed on the remote Windows host is earlier than 2.6 Build 600. As such, it insecurely looks in its current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. Attackers may exploit this issue by placing a specially...

Plone Zope SAXutils Command Execution

Added: 01/13/2012 CVE: CVE-2011-3587 BID: 49857 OSVDB: 76105 Background Plone is a free and open source content management system built on top of the Zope application server. Plone can be used for any kind of website, including blogs, internet sites, webshops and internal websites. Problem Plone...

Design/Logic Flaw

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce...

Mozilla Products Multiple Vulnerabilities - Dec 11 (MAC OS X)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsmultvulnmacosxdec11.nasl 7044 2017-09-01 11:50:59Z teissa $ Mozilla Products Multiple Vulnerabilities - Dec 11 MAC OS X Authors: Madhuri D...

MPlayer SAMI Subtitle sub_read_line_sami Buffer Overflow

MPlayer is an open source multimedia player that runs on numerous operating systems including Linux, Windows and Mac OS X. Ports also exist for Amazon's Kindle, and the Nintendo Wii. It can play many audio and video formats MPEG, DivX, Ogg, etc. and handle various streaming protocols. A code...

Microsoft Windows TCP/IP Stack Reference Counter Overflow (MS11-083; CVE-2011-2013)

A remote code execution vulnerability has been reported in Microsoft Windows TCP/IP stack...

ProFTPD < 1.3.3g / 1.3.4 Response Pool Use-After-Free Code Execution

The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.3g or 1.3.4. As such, it is potentially affected by a code execution vulnerability due to how the server manages the response po...

Embedthis GoAhead 2.18 Multiple Stored XSS Vulnerabilities - Active Check

Embedthis GoAhead is prone to multiple stored cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2011-3161

HP Data Protector Notebook Extension contains a remote code execution vulnerability in the dpnepolicyservice component (LogBackupLocationStatus method) that accepts unsafely validated input. This flaw is exploitable without authentication via the DPNECentral Web Service on TCP port 80, enabling a...

Remote code execution

Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution...

CVE-2011-1572

Directory traversal vulnerability in the Admin Defined Commands ADC feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. dot dot sequences in admin-defined commands...

CVE-2011-2660

The CVE-2011-2660 vulnerability affects the vpnc package prior to version 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1, where the modify_resolvconf_suse script may allow remote attackers to execute arbitrary commands via a crafted DNS domain name. Affected product/component: vpnc, vulner...

XnView may insecurely load executable files

Overview XnView may use unsafe methods for determining how to load executables .exe XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may...

Mozilla Firefox - &#039;nsTreeRange&#039; Dangling Pointer (2)

Advisory : Abysssec Public Exploit : This module exploits a code execution vulnerability in Mozilla Firefox = 3.6.16 caused by nsTreeSelection element. The specific flaw exists within the way Firefox handles user defined functions of a nsTreeSelection element. When executing the function...