34 matches found
IBM Notes runs arbitrary JAVA and Javascript in emails
Overview IBM Notes parses arbitrary JAVA and Javascript code by default when viewing emails. Description The n.runs AG security advisory states:Notes 8.5.3 does not filter tags inside HTML emails. This can be used to load arbitrary Java applets from remote sources making it an information...
n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.004 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 Format String Vulnerability Risk: HIGH Overview: For every received H.323 SETUP...
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.001 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Command Shell Grants System-Level Access Risk: LOW Overview: The Polycom Command Shell ...
n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.002 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Firmware Update Command Injection Risk: MEDIUM Overview: Polycom HDX systems can be...
Polycom H.323 Format String
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.004 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 Format String Vulnerability Risk: HIGH Overview: For every received H.323 SETUP...
Polycom H.323 CDR Database SQL Injection
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.003 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 CDR Database SQL Injection Risk: HIGH Overview: For every received H.323 SETUP...
Splunk 4.3.x Denial Of Service
Splunk version 4.3.x suffers from a denial of service hash table vulnerability. Vendors: Splunk Inc., http://www.splunk.com Product: Splunk 4.3.x + possibly earlier versions Vulnerability: Unauth. remote denial of service against splunkweb Tracking IDs: CVE-2012-1150 SPL-53249 Vendor communicatio...
HP LaserJet PJL Interface Directory Traversal
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
HP LaserJet Directory Traversal in PJL Interface
Exploit for hardware platform in category remote exploits ================================================ HP LaserJet Directory Traversal in PJL Interface ================================================ Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP device...
HP LaserJet - Directory Traversal in PJL Interface
HP LaserJet - Directory Traversal in PJL Interface n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory...
HP LaserJet - Directory Traversal in PJL Interface
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2009.007 15-Oct-2009 Vendor: Adobe Systems Incorporated, http://www.adobe.com Affected Products: Adobe Acrobat Reader/Acrobat Version: 8.1.3 - 8.1.6 Platform: Windows Vulnerability: Invalid pointer write could lead to arbitrary code...
n.runs-SA-2009.005 - Apple Safari - Information disclosure
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2009.005 23-Jun-2009 Vendor: Apple Inc., http://www.apple.com Affected Products: Safari Browser 3.2.3 all platforms Vulnerability: Information disclosure to Denial of Service Risk: MEDIUM Vendor communication: 2009/06/07 Bug found...
n.runs-SA-2009.001 - OS X CFNetwork advisory
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2009.001 15-May-2009 Vendor: Apple Inc., http://www.apple.com Affected Products: Mac OS X 10.5.6 Vulnerability: Heap-based buffer overflow in CFNetwork component remote Risk: HIGH Vendor communication: 2009/04/17 Initial notification o...
n.runs-SA-2008.009 - Eaton MGE OPS Network Shutdown Module - authentication bypass vulnerability and remote code execution
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.009 27-October-2008 Vendor: Eaton MGE office protection systems Affected Products: Network Shutdown Module version 3.10 Vulnerability: authentication bypass vulnerability and remote code execution Risk: High Vendor communication:...
n.runs-SA-2008.008 - Internet Explorer HTML Object Memory Corruption and Remote Code Execution
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.008 21-October-2008 Vendor: Microsoft Affected Products: Internet Explorer 6 Internet Explorer 7 Windows XP SP2 & SP3 Windows 2000 SP4 Windows 2003 SP1 Vulnerability: Remote Code execution Risk: High Overview -------- A remote cod...
n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.005 01-Aug-2008 Vendor: Apple Inc., http://www.apple.com Affected Products: CoreServices Framework’s CarbonCore Framework Used by: i.e. Safari, Mail Affected Platforms: Mac OS X v10.4.11 Mac OS X Server v10.4.11 Mac OS X v10.5.4 M...
[Full-disclosure] n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote)
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.004 28-Jul-2008 Vendor: Grisoft Inc., http://grisoft.com Product: AVG Anti-Virus Vulnerability: Divide by Zero - DoS remote Risk: HIGH Vendor communication: 2008-07-10 n.runs contacted AVG 2008-07-10 AVG response 2008-07-10 n.runs...
n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2007.026 24-Aug-2007 Vendor: Sophos, http://www.sophos.com Affected Products: Sophos Anti-Virus for Windows Sophos Anti-Virus for Unix/Linux Vulnerability: Infinite Loop DoS remote Risk: MEDIUM Vendor communication: 2007/05/07 initial...
n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2007.027 24-Aug-2007 Vendor: Sophos, http://www.sophos.com Affected Products: Sophos Anti-Virus for Windows Sophos Anti-Virus for Unix/Linux Vulnerability: Arbitrary Code Execution remote Risk: HIGH Vendor communication: 2007/05/07...