Firefox XUL garbage collection issue (cansecwest pwn2own)

Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009...

Design/Logic Flaw

ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict pound sign references to context objects, which allows remote attackers to execute Object-Graph Navigation Language OGNL statements and...

Sql injection

SQL injection vulnerability in the Simple Random Objects mwrandomobjects extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

QuikSoft EasyMail Objects ActiveX Control BOF Vulnerability

This host is installed with QuikSoft EasyMail Objects ActiveX Control and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbquiksofteasymailobjactvxbofvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ QuikSoft EasyMail Objects ActiveX Control BOF Vulnerability Authors: Nikita M...

QuikSoft EasyMail Objects ActiveX Control BOF Vulnerability

QuikSoft EasyMail Objects ActiveX Control is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DSA-1734-1 opensc - information disclosure

Bulletin has no description...

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Windows)

The host is installed with Mozilla Seamonkey browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnfeb09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Feb-09 Windows Authors: Sharath S Copyright: Copyright ...

ZDI-09-011: Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability

ZDI-09-011: Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-011 February 10, 2009 -- CVE ID: CVE-2009-0075 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPointTM IPS Custome...

Microsoft Visual Basic Kill Bits

Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic. To trigger...

Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...

NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit

No description provided by source. HTML b NCTVideoStudio ActiveX DLLs Version 1.6 Insecure Method File Creation /b b br/br/ Author : Mountassif Moad a.k.a Stack br/ br/ br/ b/ RegKey Safe for Script: Falsebr/ RegKey Safe for Init: Falsebr/ Implements IObjectSafety: Truebr/ IDisp Safe: Safe for...

Microsoft Excel Malformed Object Handling Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

CVE-2008-5353

The Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and...

CVE-2008-5353

The Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and...

CVE-2008-5353

The Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and...

Mozilla crash and remote code execution via __proto__ tampering

jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying the window.proto.proto object in a way that...

Mozilla crash and remote code execution via __proto__ tampering

jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying the window.proto.proto object in a way that...

kernel: missing boundary checks in syscall/syscall32_nopage()

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects vDSO implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the installspecialmapping,...

XWork < 2.0.11.2 - 'ParameterInterceptor' Class OGNL Security Bypass

source: https://www.securityfocus.com/bid/32101/info XWork is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. Attackers can exploit this issue to manipulate server-side context objects with the privileges of the user running the application...