5570 matches found
(0Day) WebGate eDVR Manager WESPPlayback.WESPPlaybackCtrl.1 SiteChannel Property Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebGate eDVR Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
ManageEngine ServiceDesk Plus 9.0 Privilege Escalation Vulnerability
ManageEngine ServiceDesk Plus version 9.0 prior to build 9031 suffers from a remote privilege escalation vulnerability due to improper access controls. Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product: ServiceDesk Plus http://www.manageengine.com/ Affected...
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
No description provided by source. ============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product:...
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer RDP ActiveX Control Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Remo...
Oracle Document Capture BlackIceDevMode.ocx ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Document Capture. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Recent assessments: wchen-r7 at Septembe...
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage: http://www.yealink.com/ Impact: Medium Authentication: Required CVE: CVE-2012-1417 Found: 2012-02-21 Author: Narendra Shind...
Microsoft WordPerfect 5.x Converter Heap Overflow
NGSSoftware Insight Security Research Advisory Name: Microsoft WordPerfect 5.x Converter Heap Overflow Systems Affected: Microsoft Office, Microsoft FrontPage, Microsoft Publisher and Microsoft Works Suite Severity: Medium Risk Vendor URL: http://www.microsoft.com/ Author: Peter Winter-Smith...
Directory traversal in RealPlayer allows code execution
OVERVIEW ======== RealPlayer is a popular multimedia player developed by RealNetworks. One of its features are RMP files, RealJukebox Metadata Packages. These are XML formatted files which may contain e.g. playlists, references to skin files .rjs, and information about related web pages. A...
Security Bulletin MS01-053
---------------------------------------------------------------------- Title: Downloaded Applications Can Execute on Mac IE 5.1 for OS X Date: 23 October 2001 Software: Internet Explorer 5.1 for Macintosh r Impact: Run code of attacker's choice Bulletin: MS01-053 Microsoft encourages customers to...