CVE-2008-3066

Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file...

RealPlayer for Windows < Build 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities

According to its build number, the installed version of RealPlayer / on the remote Windows host suffers from possibly several issues : - Heap memory corruption issues in several ActiveX controls can lead to arbitrary code execution. CVE-2008-1309 - An unspecified local resource reference...

GnuPG < 1.4.9 / 2.0.9 Key Import Duplicate ID Memory Corruption

Binary data 4451.prm...

gnupg -- memory corruption vulnerability

Secunia reports: A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system. The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via...

CVE-2008-0112

Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...

CVE-2008-1228

Cross-site scripting XSS vulnerability in admin.php in MG2 formerly Minigal allows remote attackers to inject arbitrary web script or HTML via the list parameter in an import action...

CVE-2008-1228

CVE-2008-1228 is a cross-site scripting (XSS) flaw in MG2 (formerly Minigal) that affects the admin.php interface. The vulnerability is triggered by the list parameter during an import action, allowing remote attackers to inject arbitrary web script or HTML. Documents consistently describe this a...

Opera Web浏览器9.26修复多个安全漏洞

BUGTRAQ ID: 27901 Opera是一款流行的WEB浏览器，支持多种平台。 Opera Web浏览器的9.26之前版本中存在多个安全漏洞，可能允许恶意用户执行跨站脚本攻击、泄露敏感信息或绕过某些安全限制。 1 当用户键入文件输入时，脚本可能导致忽略一些键盘动作。如果脚本能够诱骗用户相信正在键入正常的文件输入，而不让用户看到已经忽略了键盘动作，就可能导致输入指向计算机上的文件路径，然后在未经用户交互的情况下上传文件。 2 图形属性中可能包含有自定义标注。在显示图形属性时，Opera可能将这些标注处理为脚本，导致在错误的安全环境中运行脚本。 3...

Debian Security Advisory DSA 061-1 (gnupg)

The remote host is missing an update to gnupg announced via advisory DSA 061-1. OpenVAS Vulnerability Test $Id: deb0611.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 061-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 1025-1 (dia)

The remote host is missing an update to dia announced via advisory DSA 1025-1. infamous41md discovered three buffer overflow errors in the xfig import code of dia, a diagram editor, that can lead to the execution of arbitrary code. For the old stable distribution woody these problems have been...

Debian: Security Advisory (DSA-894-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

CVE-2007-6503

Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to 1 import an arbitrary plan via a request to hosting/importhostingplans.asp; or 2 change an arbitrary plan via a request to hosting/AutoSignUpPlans.asp with the a save, b 30,...

CVE-2007-6503

CVE-2007-6503 affects Hosting Controller 6.1 with Hotfix 3.3 and earlier. The issue arises from multiple unspecified vulnerabilities that allow remote authenticated users to modify plans: (1) importing an arbitrary plan via hosting/importhostingplans.asp, or (2) changing an arbitrary plan via hos...

CVE-2007-6503

Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to 1 import an arbitrary plan via a request to hosting/importhostingplans.asp; or 2 change an arbitrary plan via a request to hosting/AutoSignUpPlans.asp with the a save, b 30,...

[SECURITY] Fedora 7 Update: thunar-volman-0.2.0-1.fc7

The Thunar Volume Manager is an extension for the Thunar file manager, which enables automatic management of removable drives and media. For example, if thunar-volman is installed and configured properly, and you plug in your digital camera, it will automatically launch your preferred photo...

hc-multi.txt

Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From company - There is temporary solution in this report Exploit:...

Fedora 7 : koffice-1.6.3-13.fc7 (2007-3059)

This update includes fixes to pdf import filters that can cause crashes possibly execute arbitrary code. See http://www.kde.org/info/security/advisory-20071107-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

Fedora 8 : koffice-1.6.3-13.fc8 (2007-3093)

This update includes fixes to pdf import filters that can cause crashes possibly execute arbitrary code. See http://www.kde.org/info/security/advisory-20071107-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

From the Baidu space to China blog vulnerability-vulnerability warning-the black bar safety net

These days there are always friends to ask me in ten period of black anti-on introduction to ajax hacking degree of influence exactly how much, and how for this stage of the network status of the web2. 0 vulnerability testing, and use of, this time by means of black anti-for everyone to see for...