669 matches found
CVE-2013-0006
Microsoft XML Core Services aka MSXML 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."...
CVE-2013-0006
Microsoft XML Core Services aka MSXML 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."...
CVE-2013-0006
CVE-2013-0006 is associated with OSIsoft PI Interface for OPC XML-DA (ICS advisory ICSA-20-315-01) and Microsoft MSXML/MS13-002 context. Connected documents identify the affected product as PI Interface for OPC XML-DA versions prior to 1.7.3.x, where the vulnerability stems from numeric errors/st...
CVE-2013-0006
Microsoft XML Core Services aka MSXML 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."...
CVE-2013-0006
Microsoft XML Core Services aka MSXML 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."...
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
This host is missing a critical security update according to Microsoft Bulletin MS13-002. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
This host is missing a critical security update according to Microsoft Bulletin MS13-002. OpenVAS Vulnerability Test $Id: secpodms13-002.nasl 4922 2017-01-02 16:28:42Z cfi $ Microsoft XML Core Services Remote Code Execution Vulnerabilities 2756145 Authors: Rachana Shetty Copyright: Copyright c 20...
Microsoft XML Core Services整数截断漏洞(MS13-002)
CVECAN ID: CVE-2013-0006 Microsoft Windows是微软公司推出的一系列操作系统。 Microsoft XML Core Services在解析XML内容时存在整数溢出错误,可被利用远程执行任意代码。 0 Microsoft Office 2007 Microsoft Office Office 2003 Professional Edi Microsoft Office 2003 Student and Teacher Edi Microsoft Office 2003 Standard Edition Microsoft Office 2003...
Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability. The flaw exists within the libsecuritycdsaplugin which implements routines defined in libsecuritycssm. The library defin...
Scientific Linux Security Update : openoffice.org on SL4.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
Scientific Linux Security Update : openoffice.org on SL3.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
Scientific Linux Security Update : openoffice.org2 on SL4.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
XnView < 1.99.0 Multiple Buffer Overflow Vulnerabilities
The version of XnView installed on the remote Windows host is earlier than 1.99.0. It therefore is reportedly affected by the following heap-based buffer overflow vulnerabilities : - An integer truncation issue exists related to the handling of the depth value in 'Sun Raster' RAS image files. - A...
Google Fixes 13 Flaws in Chrome
Just a few days after releasing a fairly large set of patches for its Chrome browser, Google has pushed out another update, fixing 13 vulnerabilities, more than half of them being high-severity bugs. The newest version of Chrome also includes an updated version of Adobe Flash that has a fix for a...
Heap overflow
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to a...
Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability
====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability - ====================================================================== Table of Contents Affected...
ruby: memory corruption in BigDecimal on 64bit platforms
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
CVE-2011-0183
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service lockd, statd, mountd, or portmap outage via a crafted packet, related to an "integer truncation issue."...
Integer overflow
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...