8671 matches found
CVE-2011-2503
The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score,...
PHP 5.3.x < 5.3.14 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is 5.3.x earlier than 5.3.14, and is, therefore, potentially affected the following vulnerabilities : - An integer overflow error exists in the function 'pharparsetarfile' in the file 'ext/phar/tar.c'. This error can lead to...
CVE-2012-1873
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."...
CVE-2012-1873
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."...
RedHat Update for tomcat6 RHSA-2011:0791-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RedHat Update for kernel RHSA-2011:0007-01
Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:0007-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
MDM Mobile Device Settings Setup
Binary data mdminitialize.nbin...
Race condition
Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file...
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 Code Execution
Exploit for windows platform in category remote exploits McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject Security Bypass Remote Code Execution Vulnerability tested against: Microsoft Windows Vista sp2 Microsoft Windows 2003 r2 sp2 Internet Explorer 7/8/9 product...
Quest Toad For Oracle Explain Plan Display File Creation / Overwrite
try obj.SaveToFile"c:\windows\win.ini"; catche try obj.SaveToFile"../../../../../../../../../../windows/win.ini"; catche original url: http://retrogod.altervista.org/9sgquesttoadpoc.htm...
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control pnllmcli.dll 7.5.304.547 SaveMiniLaunchFile() Method Remote File Creation Overwrite
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control pnllmcli.dll 7.5.304.547 SaveMiniLaunchFile Method Remote File Creation Overwrite var obj = new ActiveXObject"PNLLM.Client.1"; obj.SaveMiniLaunchFile"","c:\windows\win.ini";...
Quest vWorkspace 7.5 Connection Broker Client ActiveX SaveMiniLaunchFile()
Exploit for windows platform in category remote exploits var obj = new ActiveXObject"PNLLM.Client.1"; obj.SaveMiniLaunchFile"","c:\windows\win.ini"; 0day.today 2018-02-19...
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability
!-- Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability when viewing the device web interface it asks to install an ActiveX control with the following settings: ProductName: PlayerPT ActiveX Control Module File...
Dell Webcam Software Bundled - ActiveX Remote Buffer Overflow
Dell Webcam Software Bundled - ActiveX Remote Buffer Overflow Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability Tested against: Microsoft Windows Vista SP2 Microsoft Windows XP SP3 Microsoft Windows 2003 R2 SP2 Internet Explorer 7/8/9...
Dell Webcam Software Bundled ActiveX Remote Buffer Overflow
Exploit for windows platform in category remote exploits Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability Tested against: Microsoft Windows Vista SP2 Microsoft Windows XP SP3 Microsoft Windows 2003 R2 SP2 Internet Explorer 7/8/9 downlo...
VMware ESXi scan initialization
This VT initiates an authenticated scan against the VMware ESXi SOAP API via HTTP. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Design/Logic Flaw
The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service daemon crash via a SELECT statement with a redundant WHERE condition...
ghostscript: gs_init.ps searched in current directory despite -P-
Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gsinit.ps, a different...
Moderate: Red Hat Security Advisory: ghostscript security update
Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...