10269 matches found
Microsoft Expression Design wintab32.dll Library Loading
Added: 04/25/2012 CVE: CVE-2012-0016 BID: 52375 OSVDB: 80001 Background Microsoft Expression Design is a commercial professional illustration vector and raster graphic design tool for web images. Problem Microsoft Expression Design contains a flaw in the way it loads dynamic-link libraries DLL. T...
Apache HTTP Server 'LD_LIBRARY_PATH'不安全库装载任意代码执行漏洞
Bugtraq ID: 53046 CVE ID:CVE-2012-0883 Apache HTTP Server是一款流行的HTTP服务程序 由于不安全处理LDLIBRARYPATH,可导致在当前工作目录中搜索DSO,攻击者可以利用此漏洞以HTTPD服务上下文执行任意代码 0 Apache 2.0.x Apache 2.1.x Apache 2.2.x Apache 2.3.x 厂商解决方案 Apache ----- Apache Software Foundation Apache 2.4.2已经修复此漏洞,建议用户下载使用: http://www.apache.org/...
Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading
According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.2. It is, therefore, potentially affected by an insecure library loading issue. The utility 'apachectl' can receive a zero-length directory name in the LDLIBRARYPATH via the 'envvars' file. A local...
Fedora 16 : raptor2-2.0.7-1.fc16 (2012-4663)
new raptor2-2.0.7 release highlights : - CVE-2012-0037 fixed - Removed Expat support - Removed internal Unicode NFC code for better and optional ICU - Added options for denying file requests and XML entity loading - Added options for SSL certificate verifying - Fixed reported issues: 0000448 and...
Opera Cache History Information Disclosure Vulnerability (Linux)
The host is installed with Opera and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gboperacachehistoryinfodiscvulnlin.nasl 5999 2017-04-21 09:02:32Z teissa $ Opera Cache History Information Disclosure Vulnerability Linux Authors: Rachana Shetty Copyright:...
ALFTP Insecure Executable File Loading Vulnerability
This host is installed with ALFTP and is prone to insecure executable file loading vulnerability. OpenVAS Vulnerability Test $Id: secpodalftpinsecureexecfileloadvuln.nasl 6018 2017-04-24 09:02:24Z teissa $ ALFTP Insecure Executable File Loading Vulnerability Authors: Madhuri D Copyright: Copyrigh...
ALFTP Insecure Executable File Loading Vulnerability
ALFTP is prone to insecure executable file loading vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
http-chrono NSE Script
Measures the time a website takes to deliver a web page and returns the maximum, minimum and average time it took to fetch a page. Web pages that take longer time to load could be abused by attackers in DoS or DDoS attacks due to the fact that they are likely to consume more resources on the targ...
Microsoft Expression Design unsafe DLL loading
Unsafe DLL loading on .xpr and .design files processing...
Microsoft Visual Studio code execution
Unsafe add-in loading...
Google Chrome < 17.0.963.79 Memory Corruption Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 17.0.963.79 and is, therefore, affected by memory corruption vulnerabilities related to plugin loading and GPU processing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Design/Logic Flaw
Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .xpr or .DESIGN file, aka...
Microsoft Visual Studio Add-In Insecure Library Loading (MS12-021; CVE-2012-0008)
An elevation of privilege vulnerability has been reported in Microsoft Visual Studio...
CVE-2011-3047
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...
CVE-2011-3047
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...
CVE-2011-3047
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...
Memory corruption
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...
CVE-2011-3047
Removed by vendor...
Java Web Start initial heap size command injection
Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...
CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...