154 matches found
Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The flaw exists within the NFRAgent.exe component which listens by default on TCP port 3037. When handling...
IBM DB2 db2dasrrm validateUser Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM DB2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the db2dasrrm process responsible for handling queries to the com.ibm.db2.das.core.DasSysCmd...
Oracle Business Intelligence emagent.exe nmehl_getURIParams Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Business Intelligence One. Authentication is not required to exploit this vulnerability. The flaw exists within the emagent.exe component which listens by default on TCP port 3938. When...
Hewlett-Packard Network Node Manager OVutil.dll Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovutil.dll component which is loaded by the webserver listeni...
Novell iPrint Client Netscape/ActiveX printer-state-reasons Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the both the Netscap...
Novell ZENworks Handheld Management ZfHIPCND.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Handheld Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within module ZfHIPCND.exe. This process is responsible for handling the...
EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow
EDItran Communications Platform editcp 4.1 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/41342/info EDItran Communications Platform editcp is prone to a remote buffer-overflow vulnerability because it fails to properly validate user-supplied input before copying it into a...
EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/41342/info EDItran Communications Platform editcp is prone to a remote buffer-overflow vulnerability because it fails to properly validate user-supplied input before copying it into a fixed-length buffer. Attackers can exploit this issue to execute...
CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-13 December 9, 2009 -- CVE ID: CVE-2009-4180 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
Debian DSA-1684-1 : lcms - multiple vulnerabilities
Two vulnerabilities have been found in lcms, a library and set of commandline utilities for image color management. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-5316 Inadequate enforcement of fixed-length buffer limits allows an attacker to...
findutils -- GNU locate heap buffer overrun
James Youngman reports: When GNU locate reads filenames from an old-format locate database, they are read into a fixed-length buffer allocated on the heap. Filenames longer than the 1026-byte buffer can cause a buffer overrun. The overrunning data can be chosen by any person able to control the...
Microsoft Word Macro Buffer Overflow
Topic: Buffer overflow on Macro structure processing Vulnerable: Microsoft Office 97, Microsoft Office 2000 any service pack Not Vulnerable: Microsoft Office XP Description: During processing of document with embedded macros Microsoft Office family products are vulnerable to buffer overflow...
Linux Kernel 2.2.x/2.3/2.4.x - 'd_path()' Path Truncation
/ source: https://www.securityfocus.com/bid/4367/info The Linux kernel dpath function converts a dentry structure into an ASCII path name. The full path to the specified dentry is returned in a fixed length buffer of size PAGESIZE bytes. Reportedly, if a dentry structure is passed with a path whi...