Microsoft Internet Explorer CSelectedControlAdorner Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

objects

This plugin greps every page for applets and other types of objects. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood: Plug...

Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)

This host is installed with Apple iTunes and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbappleitunesmultvulnjun13macosx.nasl 6104 2017-05-11 09:03:48Z teissa $ Apple iTunes Multiple Vulnerabilities - June13 Mac OS X Authors: Thanga Prakash S Copyright: Copyright c 2013...

Apache Struts - OGNL Expression Injection

Apache Struts - OGNL Expression Injection source: https://www.securityfocus.com/bid/60345/info Apache Struts is prone to a remote OGNL expression injection vulnerability. Remote attackers can exploit this issue to manipulate server-side objects and execute arbitrary commands within the context of...

Apple Safari Array Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JSArray...

[SECURITY] Fedora 19 Update: python3-3.3.2-2.fc19

Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been remov...

CVE-2013-1333

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overflow Vulnerability."...

CVE-2013-1334

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain...

PT-2013-3087 · Microsoft · Directx +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows RT Description: The issue arises from the improper handling of objects in...

CVE-2013-0410

Unspecified vulnerability in the Agile EDM component in Oracle Supply Chain Products Suite 6.1.1.0, 6.1.2.0, and 6.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Base Component - Common Objects...

CVE-2013-1284

Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."...

Race condition

Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability."...

CVE-2013-1292

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling ...

otrs -- Information disclosure and Data manipulation

The OTRS Project reports: An attacker with a valid agent login could manipulate URLs in the object linking mechanism to see titles of tickets and other objects that are not obliged to be seen. Furthermore, links to objects without permission can be placed and removed...

[SECURITY] Fedora 18 Update: rubygem-activerecord-3.2.8-5.fc18

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

Microsoft Internet Explorer removeChild Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2013-1285

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to...

CVE-2013-1287

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to...

Microsoft Filter Pack Remote Code Execution Vulnerability (2801261)

This host is missing a critical security update according to Microsoft Bulletin MS13-023. OpenVAS Vulnerability Test $Id: secpodfilterpackms13-023.nasl 5365 2017-02-20 13:46:09Z cfi $ Microsoft Filter Pack Remote Code Execution Vulnerability 2801261 Authors: Antu Sanadi Copyright: Copyright c 201...

Microsoft Visio Viewer Remote Code Execution Vulnerability (2801261)

This host is missing a critical security update according to Microsoft Bulletin MS13-023. OpenVAS Vulnerability Test $Id: secpodvisioviewerms13-023.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Visio Viewer Remote Code Execution Vulnerability 2801261 Authors: Antu Sanadi Copyright: Copyright ...