Microsoft Internet Explorer 'OnPropertyChange_Src()' Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Apache Struts2 XWork ParameterInterceptor security bypass

Added: 08/05/2010 CVE: CVE-2010-1870 BID: 41592 OSVDB: 66280 Background Apache Struts is a Java web application framework. Apache Struts version 2 is based on WebWork 2. WebWork 2 uses XWork to invoke actions based on HTTP parameter names. The ParameterInterceptor component of XWork runs the...

CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execu...

Gmail Checker Plus Chrome Extension Cross Site Scripting

Gmail Checker plus Chrome extension XSS extension: https://chrome.google.com/extensions/detail/mihcahmgecmbnbcchbopgniflfhgnkff advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension-xss.html Exploit available:yes So in this case "Google Mail Checker Plus" version 1.1.7...

Mozilla Firefox Code Execution Vulnerability (Windows) - May10

The host is installed with Mozilla Firefox browser and is prone to code execution vulnerability OpenVAS Vulnerability Test $Id: gbfirefoxcodeexevulnwinmay10.nasl 5306 2017-02-16 09:00:16Z teissa $ Mozilla Firefox Code Execution Vulnerability Windows - May10 Authors: Antu Sanadi Copyright: Copyrig...

ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability

ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-051 April 5, 2010 -- CVE ID: CVE-2010-0094 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime --...

Zabbix node_process_command() Function Crafted Request Arbitrary Command Execution

The version of Zabbix server running on the remote host has a command execution vulnerability in the 'processnodecommand' function of 'nodehistory.c'. A remote attacker could exploit this by sending a specially crafted request, resulting in the execution of operating system commands. C Tenable...

JDownloader concept included execution vulnerability

Exploit for unknown platform in category web applications ==================================================== JDownloader concept included execution vulnerability ==================================================== - -- Product JDownloader1 is an open source download manager for One-Click-...

Critical Flaws Haunt Adobe Shockwave Player

Adobe’s run on the patching treadmill continued this week with a “critical” update to fix a pair of code execution holes in its Shockwave Player. The vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Mac operating systems. According to an Adobe...

libtool security update

1.5.22-7 - add fix for CVE-2009-3736, libltdl may load and execute code from a library in the current directory...

Blender .blend File Command Execution Vulnerability

This host is installed with blender and is prone to Remote Command Execution Vulnerability. OpenVAS Vulnerability Test $Id: secpodblendercmdexeclin.nasl 5660 2017-03-21 11:29:28Z cfi $ Blender .blend File Command Execution Vulnerability Authors: Maneesh KB Copyright: Copyright c 2009 SecPod,...

Microsoft Office Excel Field Sanitization Remote Code Execution (MS09-067; CVE-2009-3134)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

Microsoft .NET Framework Type Verification Error (MS09-061; CVE-2009-0090; CVE-2009-0091)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

HP OpenView OmniBack II Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP OpenView...

Security Update for Microsoft Visio 2002 (KB975365)

A security vulnerability exists in Microsoft Visio 2002 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

OpenOffice EMF File Parser Remote Command Execution Vulnerability (Linux)

The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Linux Authors: Antu Sanadi...

OpenOffice EMF File Parser Remote Command Execution Vulnerability (Windows)

The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnwin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Windows Authors: Antu Sanadi...

Design/Logic Flaw

pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information...

CVE-2008-7088

Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. NOTE:...

RedHat Security Advisory RHSA-2009:1136

The remote host is missing updates announced in advisory RHSA-2009:1136. The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address...