674 matches found
Microsoft Windows Internet打印服务整数溢出漏洞(MS08-062)
BUGTRAQ ID: 31682 CVECAN ID: CVE-2008-1446 Microsoft Windows是微软发布的非常流行的操作系统。 IIS的Internet打印协议ISAPI扩展在处理特制的IPP响应时存在整数溢出漏洞。如果Windows系统上在运行IIS且启用了Internet打印服务的话,远程攻击者可以通过特制的HTTP POST请求诱骗受影响的服务器连接到恶意的IPP服务器来触发这个溢出,导致执行任意指令。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP1...
Skype does not properly filter input from external websites
Overview The Skype client does not properly filter user-supplied input from websites that provide video content to Skype users. Description Skype is a peer-to-peer application that provides Voice over IP VoIP and Instant Messaging services. The Skype client is available for the Microsoft Windows,...
SOL2232 - checktrap.pl script may be vulnerable to remote command execution
The checktrap.pl script may be vulnerable to remote command execution. F5 Networks Product Development tracked this issue as CR35371 and CR35372, and it was fixed in BIG-IP and 3-DNS version 4.5.12 for the 4.5 software branches and in version 4.6.3 for the 4.6 software branches. Obtaining and...
CVE-2006-2587
Buffer overflow in the WebTool HTTP server component in 1 PunkBuster before 1.229, as used by multiple products including 2 America's Army 1.228 and earlier, 3 Battlefield 1942 1.158 and earlier, 4 Battlefield 2 1.184 and earlier, 5 Battlefield Vietnam 1.150 and earlier, 6 Call of Duty 1.173 and...
Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229)
Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietnam = v1.150 Call of Duty = v1.173 Call of Duty 2 = v1.108 DOOM 3 = v1.159 Enemy...
PunkBuster 1.229 - WebTool Service Remote Buffer Overflow (Denial of Service) (PoC)
PunkBuster 1.229 - WebTool Service Remote Buffer Overflow Denial of Service PoC Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietn...
Microsoft Internet Explorer contains a Channel Definition Format (CDF) cross-domain vulnerability
Overview Microsoft Internet Explorer contains a vulnerability that may allow unintended information disclosure or remote code execution due to a flaw in handling Channel Definition Format CDF files. Description From the Microsoft Channel Definition Format description:Channel Definition Format CDF...
Microsoft Internet Explorer contains URL decoding cross-domain vulnerability
Overview A URL decoding vulnerability in Microsoft Internet Explorer may allow remote attackers to bypass zone security restrictions and execute arbitrary code on affected systems. Description IE uses a cross-domain security model to maintain separation between browser frames from different...
BRS WebWeaver: Ftpd Lockdown via RETR cmd
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: BRS WebWeaver: Ftpd Lockdown via RETR cmd product: BRS WebWeaver 1.04 and prior vendor: http://www.brswebweaver.com risk: high date: 04/23/2k3 tested platform: Windows 98 Second Edition discovered by: euronymous /F0KP advisory urls:...
HM Software S to Infinity 3.0 - Multiple Vulnerabilities
HM Software S to Infinity 3.0 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/1368/info A number of vulnerabilities exist in HM Software S to Infinity, a security access control, desktop lockdown and transparent encryption application. Intended features include restriction of...
DoS против Lockdown
Программа использует внутренний буфер для хранения диагностических сообщений. При переполнении буфера, которое может быть вызвано большим числом попыток соединения на порт, программа начинает запускать обльшое количество внешних приложений, приводя к утечке ресурсов...
LockDown 2000
Official LockDown Corp. Release Systems Affected: All Windows based machines running LockDown 2000. The Problem: LockDown 2000 main text display limited the amount of text that could be entered in the main display window. If an attacker made over 200 connections to a logged port, error messages o...
Lockdown vulnerability - All versions
Release Date: May 4, 2000 Systems Affected: All machines running Lockdown Corporation's Lockdown AntiTrojan program ALL VERSIONS. Tested under Windows98. Results may vary under different operating systems, but all are vulnerable to the same problem. THE PROBLEM Lockdowns main display textbox can...
Embedded Lockdown Manager
Embedded Lockdown Manager...