6 matches found
Possible exploit vulnerability in Zoho ManageEngine
A vulnerability has been fixed in several Zoho ManageEngine products. The vulnerability is located in an underlying third-party product: Apache Santuario. The vulnerability allows a malicious party to execute arbitrary code on the vulnerable system with system privileges. Researchers at Horizon3 ...
Oracle extproc buffer overflow (#NISR23122004A)
NGSSoftware Insight Security Research Advisory Name: Oracle 10g extproc buffer overflow Systems Affected: Oracle 10g on all operating systems Severity: High Risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...
ISMAIL (All Versions) Remote Buffer Overrun
NGSSoftware Insight Security Research Advisory Name: ISMAIL v 1.25 & v 1.4.3 Remote Buffer Overrun Systems Affected: WinNT, Win2K, XP Severity: High Risk Category: Remote Buffer Overrun Vendor URL: http://instantservers.com/ismail.html Author: Mark Litchfield [email protected] Date: 27th...
Buffer Overrun in Talentsoft's Web+ (3) (#NISR17042002B)
NGSSoftware Insight Security Research Advisory Name: Web+ Cookie Buffer Overflow Systems Affected: IIS and Web+ 4.6/5.0 on Windows NT/2000 Severity: High Risk Vendor URL: http://www.talentsoft.com Author: David Litchfield [email protected] Date: 17th April 2002 Advisory number: NISR17042002B...
Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root
Georgi Guninski security advisory 36, 2001 Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root Systems affected: Oracle JSP/SQLJSP handlers, installed by default Oracle 8.1.7 Windows 2000 Have not tested on other versions but they may be vulnerable Risk: High Dat...
IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files
Georgi Guninski security advisory 22, 2000 IE 5.5/Outlook Express security vulnerability - GetObject expose user's files Systems affected: IE 5.5, Outlook Express,probably Outlook - Win98/2000. Probably other versions - have not tested. Risk: High Date: 26 September 2000 Legal Notice: This Adviso...