Lucene search
+L

648 matches found

securityvulns
securityvulns
added 2010/03/11 12:0 a.m.70 views

iDefense Security Advisory 03.09.10: Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability

iDefense Security Advisory 03.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 09, 2010 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

9.3CVSS0.5AI score0.23095EPSS
Exploits1
securityvulns
securityvulns
added 2010/03/11 12:0 a.m.61 views

iDefense Security Advisory 03.09.10: Microsoft Excel MDXSET Record Heap Overflow Vulnerability

iDefense Security Advisory 03.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 09, 2010 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

9.3CVSS0.4AI score0.23095EPSS
Exploits1
Metasploit
Metasploit
added 2010/03/04 5:41 p.m.28 views

WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow

This module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If a long string is passed to the 'NewObject' method, a stack- based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability wa...

9.3CVSS7.6AI score0.65391EPSS
Exploits8
Packet Storm
Packet Storm
added 2010/03/04 12:0 a.m.47 views

WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow

$Id: webexucfnewobject.rb 8712 2010-03-04 17:41:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS0.8AI score0.65391EPSS
Exploits8
securityvulns
securityvulns
added 2010/02/25 12:0 a.m.53 views

iDefense Security Advisory 02.23.10: Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability

iDefense Security Advisory 02.23.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 23, 2010 I. BACKGROUND The getPlus Downloader is an application download and installation manager, distributed in the form of an ActiveX control. This control is used by Adobe Systems Inc. to install...

9.3CVSS6.2AI score0.05179EPSS
Exploits1
seebug.org
seebug.org
added 2010/02/13 12:0 a.m.38 views

Microsoft PowerPoint "OEPlaceholderAtom" record vulnerability

No description provided by source. iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see...

9.3CVSS6.5AI score0.21221EPSS
Exploits6
securityvulns
securityvulns
added 2010/02/12 12:0 a.m.46 views

iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability

iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...

9.3CVSS5.7AI score0.21221EPSS
Exploits6
securityvulns
securityvulns
added 2010/02/12 12:0 a.m.57 views

iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability

iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...

9.3CVSS6.4AI score0.21221EPSS
Exploits1
securityvulns
securityvulns
added 2010/02/02 12:0 a.m.35 views

Remote Vulnerability in AIX RPC.cmsd released by iDefense

Hey guys, Just now I saw that iDefense did not include in their advisory the triggering code for this http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825. I believe it's very important to test your systems and verify the released patch. So here we go:...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2010/02/02 12:0 a.m.48 views

iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability

iDefense Security Advisory 02.01.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 01, 2010 I. BACKGROUND RealPlayer is an application for playing various media formats, developed by RealNetworks Inc. Since late 2003, Real Player has been based on the open-source Helix Player. More...

9.3CVSS0.1AI score0.06835EPSS
Exploits1
securityvulns
securityvulns
added 2010/01/17 12:0 a.m.54 views

iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability

iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010 I. BACKGROUND Adobe Reader and Acrobat are Portable Document Format PDF reader and processors. For more information, please visit following pages: http://www.adobe.com/products/reader/...

10CVSS0.15809EPSS
Exploits0
Exploit DB
Exploit DB
added 2009/12/26 12:0 a.m.49 views

AWStats 6.1 < 6.2 - 'configdir' Remote Command Execution (Metasploit)

$Id: awstatsconfigdirexec.rb 7970 2009-12-26 03:31:20Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS6.6AI score0.74941EPSS
Exploits11
securityvulns
securityvulns
added 2009/12/10 12:0 a.m.44 views

iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability

iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND Indeo Video is a video codec developed by Intel and included in Microsoft Windows. For more information about Indeo codec, please the visit following website:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2009/12/10 12:0 a.m.57 views

iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability

iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND WordPad is the default text editing application included with nearly all Windows versions since Windows 95. The Word97 converter is used to convert Word documents into the format...

9.3CVSS0.3AI score0.31232EPSS
Exploits1
Packet Storm
Packet Storm
added 2009/12/04 12:0 a.m.49 views

Jasc Paint Shop Pro 8 Buffer Overflow

/ Software: Jasc Paint Shop Pro v8 Local Buffer Overflow Exploit UNIVERSAL Bug type: Local buffer overflow Exploitation method: SEH handler overwrite Description: When a crafted .PNG file is oppened a stack buffer overflow occurs because of DEP a SEH handler is overwriten and I overwriten his...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2009/11/11 12:0 a.m.63 views

iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is availabl...

9.3CVSS0.85731EPSS
Exploits10
securityvulns
securityvulns
added 2009/11/11 12:0 a.m.52 views

iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 I. BACKGROUND Microsoft Word is a word processing application that is part of the Microsoft Office suite of products. For more information about...

9.3CVSS0.5AI score0.35792EPSS
Exploits1
Prion
Prion
added 2009/11/04 5:30 p.m.16 views

Design/Logic Flaw

Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...

5.8CVSS7.5AI score0.01834EPSS
Exploits1References3
NVD
NVD
added 2009/11/04 5:30 p.m.19 views

CVE-2009-3860

Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...

5.8CVSS6.9AI score0.01834EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/11/04 5:0 p.m.27 views

CVE-2009-3860

Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...

6.9AI score0.01834EPSS
Exploits1References3
Rows per page
Query Builder