9091 matches found
MOPS-2010-016: PHP ZEND_SR Opcode Interruption Address Information Leak Vulnerability
MOPS-2010-016: PHP ZENDSR Opcode Interruption Address Information Leak Vulnerability May 8th, 2010 PHP’s ZENDSR opcode can be abused for address information leak attacks by an userspace error handler interruption attack. Affected versions Affected is PHP 5.2 = 5.2.13 Affected is PHP 5.3 = 5.3.2...
kernel security update
CentOS Errata and Security Advisory CESA-2010:0394 Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact...
CVE-2010-1689
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and...
CVE-2010-1690
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and...
Code injection
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and...
Buffer overflow
Multiple buffer overflows in Deliantra Server before 2.82 allow remote attackers to execute arbitrary code via vectors related to 1 the commandgsay function in server/cparty.C and 2 the book implementation...
CVE-2010-1689
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and...
CVE-2010-1451
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain PAGEEXEC4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent...
CVE-2010-1690
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...
Hardcoded credentials
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service filesystem corruption via a crafted application that calls the mkdir a...
CVE-2010-0105
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service filesystem corruption via a crafted application that calls the mkdir a...
The current CAPTCHA implementation may not be secure
The current CAPTCHA implementation displays a different message if the CAPTCHA is being displayed and the captcha is entered correctly but the password for the user is not, than if the CAPTCHA is entered incorrectly. This is giving away more information than a login screen should. The error messa...
The current CAPTCHA implementation may not be secure
The current CAPTCHA implementation displays a different message if the CAPTCHA is being displayed and the captcha is entered correctly but the password for the user is not, than if the CAPTCHA is entered incorrectly. This is giving away more information than a login screen should. The error messa...
The current CAPTCHA implementation may not be secure
The current CAPTCHA implementation displays a different message if the CAPTCHA is being displayed and the captcha is entered correctly but the password for the user is not, than if the CAPTCHA is entered incorrectly. This is giving away more information than a login screen should. The error messa...
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-074 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server -...
Sun Java System Web Server Multiple Vulnerabilities
This host has Sun Java Web Server running which is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservmultvuln.nasl 6637 2017-07-10 09:58:13Z teissa $ Sun Java System Web Server Multiple Vulnerabilities Authors: Michael Meyer Copyright: Copyright c 2010 Greenbon...
[SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2026-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano April 02, 2010 http://www.debian.org/security/faq -...
OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...
SeaMonkey < 2.0.4 Multiple Vulnerabilities
Binary data 5495.prm...