CVE-2009-3737

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2009-3737

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2009-3737

CVE-2009-3737 concerns Oracle Siebel Option Pack for IE ActiveX control. The vulnerability stems from improper memory initialization in the NewBusObj method, enabling remote code execution via a crafted HTML document. CERT and Red Hat entries corroborate remote execution potential and provide mit...

Oracle Siebel Option Pack for IE ActiveX control memory initialization vulnerability

Overview The Oracle Siebel Option Pack for IE ActiveX control fails to properly initialize memory, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Siebel Option Pack for IE is an ActiveX control that is provided by Oracle Siebel...

Microsoft IE未初始化内存远程代码执行漏洞（MS10-018）

BUGTRAQ ID: 39023,39031 CVE ID: CVE-2010-0267,CVE-2010-0490 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 Internet Explorer访问尚未正确初始化或已被删除的对象的方式中存在多个远程执行代码漏洞。攻击者可以通过构建特制的网页来利用该漏洞，当用户查看网页时，该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 8.0 Microsoft Internet Explorer 7.0...

Ubuntu Update for libpng vulnerabilities USN-913-1

Ubuntu Update for Linux kernel vulnerabilities USN-913-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9131.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libpng vulnerabilities USN-913-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-913-1: libpng vulnerabilities

It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only...

CVE-2010-0663

The ParamTraits::Read function in common/commonparamtraits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data,...

CVE-2010-0663

CVE-2010-0663 refers to Google Chrome prior to 4.0.249.78, where the ParamTraits::Read function in common/common_param_traits.cc does not initialize memory for bitmap data. This could allow remote attackers to obtain potentially sensitive information from process memory, related to use of a thumb...

CentOS 5 : kernel (CESA-2007:0347)

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...

Mandrake Security Advisory MDVSA-2009:281 (cups)

The remote host is missing an update to cups announced via advisory MDVSA-2009:281. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Hardcoded credentials

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted HTML document...

CVE-2009-1711

CVE-2009-1711 affects WebKit-based components (notably in Apple Safari before 4.0) where WebKit’s Attr DOM memory is not properly initialized. This can allow remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document that exercises Attr DOM memory handling...

CVE-2009-1711

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted HTML document...

CVE-2009-1711

Removed by vendor...

CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

DEBIAN-CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

cups: IPP_TAG_UNSUPPORTED handling NULL pointer dereference DoS

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

CVE-2009-1436

The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file...