129 matches found
EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messag...
EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messag...
HP Diagnostics Server magentservice.exe Integer Wrap
Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...
HP Diagnostics Server magentservice.exe Integer Wrap
Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...
HP Diagnostics Server magentservice.exe Integer Wrap
Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...
HP Diagnostics Server magentservice.exe Integer Wrap
Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...
ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-275 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart --...
EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities
The version of EMC AutoStart on the remote host reportedly contains multiple remote code execution vulnerabilities : - When creating error messages to be written to logs, a user controlled string from the packet is used as an argument to a function containing a format string. The result of that...
EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service ftAgent.exe. The Agent Service listens on TCP port 8045 for communications...
ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability
ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-208 June 14, 2011 -- CVE ID: CVE-2011-2109 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...
ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability
ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-201 June 14, 2011 -- CVE ID: CVE-2011-2120 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player -...
ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability
ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-209 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player ...
Oracle Java Soundbank Decompression Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java parses...
Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within AudioMixer.x32...
Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime running on OSX or Linux. This vulnerability does not affect java running on Windows. User interaction is required to exploit this vulnerability in that the target must visit...
Nortel CS1000 Communications Server Remote Denial of Service Vulnerability
This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of Nortel CS1000 Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process listening on UDP port 5100. When parsing ...
CVE-2011-0027
Microsoft Data Access Components MDAC 2.8 SP1 and SP2, and Windows Data Access Components WDAC 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer...
wireshark: unsigned integer wrap vulnerability in ERF reader (VU#676492)
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted erf file, related to an "unsigned integer wrap vulnerability."...
Apache Win32 Chunked Encoding
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache Win32...
DEBIAN-CVE-2009-3829
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted erf file, related to an "unsigned integer wrap vulnerability."...