CVE-2011-1257

Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."...

Design/Logic Flaw

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service heap memory corruption or have unspecified other impact via vectors related to use of set, get, isset, and unset methods on objects...

Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005)

This host is missing a critical security update according to Microsoft Bulletin MS10-104 SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mozilla Crash and remote code execution in normalizeDocument (MFSA 2010-57)

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...

Microsoft Excel Remote Code Execution Vulnerabilities (968557)

This host is missing a critical security update according to Microsoft Bulletin MS09-009. OpenVAS Vulnerability Test $Id: secpodmsexcelremotecodeexecvuln.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Excel Remote Code Execution Vulnerabilities 968557 Authors: Sujit Ghosal Update description...

Microsoft Excel Remote Code Execution Vulnerabilities (968557)

This host is missing a critical security update according to Microsoft Bulletin MS09-009. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2009-0238

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a...

CVE-2009-0238

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a...

Debian Security Advisory DSA 043-1 (zope)

The remote host is missing an update to zope announced via advisory DSA 043-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple Mac OS X多个安全漏洞

Apple Mac OS X是苹果家族机器所使用的操作系统。 最新的Mac OS X更新修复了多个漏洞，具体如下： CVE-2006-1472 AFP Server中的漏洞允许在搜索结果中包含执行搜索用户无权访问的文件和文件夹。如果文件名本身就是敏感信息的话，就可能导致信息泄露；如果权限允许的话，攻击者还可以访问文件内容。 CVE-2006-1473 已认证用户可以触发AFP Server中的整数溢出漏洞，导致拒绝服务或以系统权限执行任意代码。AFP Server在Mac OS X中不是默认启用的。 CVE-2006-3495 在Mac OS X Server上，AFP...

Oracle 9iAS SOAP components allow anonymous users to deploy applications by default

Overview Oracle Application Server 9iAS installs with Simple Object Access Protocol SOAP enabled by default and allows unauthenticated remote users to deploy and undeploy SOAP services and providers. Description Oracle Application Server 9iAS supports Simple Object Access Protocol SOAP, an...

Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function

Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...

CVE-2000-0311

The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability...

Microsoft Security Bulletin (MS00-026)

Microsoft Security Bulletin MS00-026 ====================================== Patch Available for "Mixed Object Access" Vulnerability Originally Posted: April 20, 2000 Summary - ------- Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Windowsr 2000 that could,...

CVE-2000-0311

The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability...

CVE-1999-0575

CVE-1999-0575 concerns Windows NT where the user audit policy fails to log events for a wide range of activities (Logon/Logoff, File/Object Access, User Rights, Group Management, Security Policy Changes, Restart, Shutdown, System, Process Tracking). The Red Hat entry confirms this behavior withou...