272 matches found
CVE-2010-0189
A certain ActiveX control in NOS Microsystems getPlus Download Manager aka DLM or Downloader 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary...
CVE-2010-0189
The CVE-2010-0189 issue targets Adobe Download Manager’s getPlus ActiveX control (NOS Microsystems) version 1.5.2.35, where insufficient domain-name validation allows an attacker to craft a download site name that, when loaded in Internet Explorer with the ActiveX control, could cause the user to...
Sun Java System Web Server Digest Authorization Buffer Overflow
Sun Microsystems' Java System Web Server is a high performance web server for medium to large business applications. A buffer overflow vulnerability has been reported in Sun Java System Web Server. The vulnerability is due to insufficient boundary checks by the Sun Java Web Server when processing...
Sun OpenOffice.org < 3.2 Multiple Vulnerabilities
The version of Sun Microsystems OpenOffice.org installed on the remote host is prior to version 3.2. It is, therefore, affected by several issues : - Signatures may not be handled properly due to a vulnerability in the libxml2 library. CVE-2006-4339 - There is an HMAC truncation authentication...
Sun MySQL mysql_log Format String (CVE-2009-2446)
A format string vulnerability exists in Sun Microsystems MySQL database server. The flaw is due to insufficient input validation when processing create and drop database commands. Remote authenticated attackers could exploit this vulnerability by sending malformed data to the MySQL process. In a...
Sun Java HsbParser.getSoundBank Stack Buffer Overflow (CVE-2009-3867)
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java is wide...
BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses
Overview A vulnerability exists in the BIND 9 DNSSEC validation code that could be used by an attacker to generate fake NXDOMAIN responses. Description BIND 9 contains a vulnerability in DNSSEC validation code. According to ISC: There was an error in the DNSSEC NSEC/NSEC3 validation code that cou...
Sun Java GIF File Handling Memory Corruption (CVE-2007-0243)
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java is wide...
Q&A: Cloud Security with Former Sun CSO
The recent ACM Cloud Computing Security Workshop in Chicago was devoted specifically to cloud security. Speakers included Whitfield Diffie, a cryptographer and security researcher who, in 1976, helped solve a fundamental problem of cryptography: how to securely pass along the “keys” that unlock...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-078 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-080 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection:...
ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-076 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection: TippingPoint...
ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-077 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-079 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
Security Fixes for Java, BlackBerry Desktop
Sun Microsystems and Research In Motion have issued critical bug fixes for security issues with their products. Both updates include fixes for critical security bugs that could be abused by attackers to run unauthorized software on a victim’s computer, although none of the flaws appear to have be...
Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw exists in the parsing of long file:// URL arguments to...