WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 ActiveX Control Memory Misreference Vulnerability

WebGate eDVR Manager is an eDVR software manager from WebGate Korea. A memory misreference vulnerability exists in the 'Connect' function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control of WebGate eDVR Manager. A remote attacker could exploit this vulnerability to execute arbitrary code via ...

MGASA-2015-0013 Updated glibc packages fix security vulnerabilities

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context- dependent attackers to bypass the FORTIFYSOURCE format-string...

CVE-2013-4352

The cacheinvalidate function in modules/cache/cachestorage.c in the modcache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service NULL pointer dereference and daemon crash via vectors that trigger a missing hostna...

WHMCS Group Pay Plugin 1.5 (grouppay.php, hash param) - SQL Injection

No description provided by source. Tile: WHMCS grouppay plugin SQL Injection = 1.5 Author: HJauditing Employee Tim E-mail: [email protected] Web: http://hjauditing.com/ Plugin: http://kadeo.com.au/design-and-development/whmcs-dev/whmcs-modules/72-group-pay.html ============ Introduction...

CVE-2013-4143

The 1 checkPasswd and 2 checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to...

CVE-2012-6643

Multiple SQL injection vulnerabilities in the updatecounter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to 1 videos.php or 2 channels.php. NOTE: some of these details are obtained from third party information...

Design/Logic Flaw

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

Design/Logic Flaw

The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allow...

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted applicati...

CVE-2012-0157

CVE-2012-0157 affects Windows kernel Win32k.sys, where local users can elevate privileges by crafting inputs to PostMessage. Public sources (MS12-018) and multiple vulnerability feeds confirm a kernel-mode privilege-escalation flaw exploitable via PostMessage handling in win32k.sys on affected Wi...

phpstcms (STCMS music system) to bypass the backend authentication method-vulnerability warning-the black bar safety net

Published author: the mind Vulnerability type: background verification Vulnerability analysis: a music system-0-in! Throw in the hard disk is also equal to moldy, classic white look at the code. Vulnerability exists in“common.inc.php”file, as follows. phpstcms STCMS music system to bypass the...

CVE-2010-3238

Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerability."...

Buffer overflow

The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...

php: htmlspecialchars() insufficient checking of input for multi-byte encodings

The htmlspecialchars function in PHP before 5.2.12 does not properly handle 1 overlong UTF-8 sequences, 2 invalid ShiftJIS sequences, and 3 invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting XSS attacks by placing a crafted byte sequence before a special...

SuSE 10 Security Update : libpng (ZYPP Patch Number 5945)

This update of libpng fixes the function pngcheckkeyword that allowed setting arbitrary bytes in the process memory to 0. CVE-2008-5907 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

Design/Logic Flaw

The getrandomint function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to...

CVE-2008-7002

PHP 5.2.5 does not enforce a openbasedir and b safemodeexecdir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the 1 exec, 2 system, 3 shellexec, 4 passthru, or 5 popen functions,...

Mandrake Linux Security Advisory : php (MDKSA-2007:090)

A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution CVE-2007-1001. A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker coul...