Lucene search

7490 matches found

Debian
added 2006/12/04 8:14 a.m. · 42 views

[SECURITY] [DSA 1227-1] New Mozilla Thunderbird packages fix several vulnerabilities

Debian Security Advisory DSA 1227-1 [email protected] http://www.debian.org/security/ Martin Schulze December 4th, 2006 http://www.debian.org/security/faq -...

CVSS 7.5 · AI score 6.8 · EPSS 0.22092
Exploits: 0

Tenable Nessus
added 2006/12/04 12:0 a.m. · 35 views

Debian DSA-1227-1 : mozilla-thunderbird - several vulnerabilities

Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-4310 Tomas Kempinsky discovered that malformed FTP server responses could lead...

CVSS 7.5 · AI score 8.5 · EPSS 0.22092
Exploits: 0 · References: 11

OSV
added 2006/12/04 12:0 a.m. · 28 views

DSA-1227-1 mozilla-thunderbird

Bulletin has no description...

CVSS 7.5 · AI score 6.3 · EPSS 0.22092
Exploits: 0

CVE
added 2006/11/30 4:0 p.m. · 46 views

CVE-2006-4412

The CVE-2006-4412 issue affects WebKit in Apple Mac OS X 10.3.x (up to 10.3.9) and 10.4.x (up to 10.4.8). A crafted HTML file could access previously deallocated objects, allowing remote attackers to execute arbitrary code. Apple released Security Update 2006-007 to address this and related vulne...

CVSS 6.8 · AI score 7.1 · EPSS 0.10699
Exploits: 2 · References: 10 · Affected Software: 1

Cvelist
added 2006/11/30 4:0 p.m. · 24 views

CVE-2006-4412

WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects...

AI score 7.1 · EPSS 0.10699
Exploits: 2 · References: 10

NVD
added 2006/11/29 5:28 p.m. · 12 views

CVE-2006-4099

Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...

CVSS 7.5 · AI score 6.7 · EPSS 0.01414
Exploits: 0 · References: 7

Cvelist
added 2006/11/29 5:0 p.m. · 18 views

CVE-2006-4099

Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...

AI score 6.7 · EPSS 0.01414
Exploits: 0 · References: 7

CVE
added 2006/11/29 5:0 p.m. · 36 views

CVE-2006-4099

CVE-2006-4099 concerns Business Objects Crystal Enterprise 9 and 10, where the system generates predictable session identifiers, allowing remote attackers to hijack other users’ sessions through the WCSID cookie. The connected documents confirm the vulnerable component and the impact (session hij...

CVSS 7.5 · AI score 7.1 · EPSS 0.01414
Exploits: 0 · References: 7 · Affected Software: 1

seebug.org
added 2006/11/29 12:0 a.m. · 24 views

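Crystal Reports .RPT File Handling Stack Overflow Vulnerability

Crystal Reports is a reporting toolkit that lets users quickly create flexible, feature-rich reports and integrate them into web and Windows applications. Crystal Reports XI Professional has a stack overflow vulnerability when processing malformed .RPT files; an attacker could exploit it to execute arbitrary instructions on the machine by tricking a user into opening a malicious file. Business Objects Crystal Reports XI Professional The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://www.businessobjects.com...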

AI score 7.1
Exploits: 0

seebug.org
added 2006/11/28 12:0 a.m. · 11 views

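Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability

Business Objects Crystal Reports XI Professional is the professional edition of the Crystal Reports series. Business Objects Crystal Reports XI Professional has a problem handling .RPT files; remote attackers can exploit the vulnerability to carry out a buffer overflow attack, possibly executing arbitrary instructions with the privileges of the process. No detailed vulnerability information is currently available. Business Objects Crystal Reports XI Professional http://www.businessobjects.com/...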

AI score 7.1
Exploits: 0

exploitpack
added 2006/11/23 12:0 a.m. · 21 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied...

AI score 7.4
Exploits: 0

Exploit DB
added 2006/11/23 12:0 a.m. · 17 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. An attacker may...

AI score 7.4
Exploits: 0

Positive Technologies
added 2006/11/21 12:0 a.m. · 4 views

PT-2006-6664 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 2.0.5 Description: The issue allows remote authenticated users to cause a denial of service, resulting in an application crash. This occurs when a string representation of a serialized object is not properly stored...

CVSS 6.5 · AI score 6.8 · EPSS 0.02824
Exploits: 0 · References: 8

Tenable Nessus
added 2006/11/20 12:0 a.m. · 29 views

GLSA-200611-10 : WordPress: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200611-10 WordPress: Multiple vulnerabilities 'random' discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. 'adapter' found out that user-edit.php fails to...

CVSS 6 · AI score 5.6 · EPSS 0.04873
Exploits: 0 · References: 4

Gentoo Linux
added 2006/11/17 12:0 a.m. · 20 views

WordPress: Multiple vulnerabilities

Background WordPress is a PHP and MySQL based multiuser blogging system. Description "random" discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. "adapter" found out that user-edit.php fails to effectively deny non-permitted user...

CVSS 6 · AI score 6.3 · EPSS 0.04873
Exploits: 0

Check Point Advisories
added 2006/10/11 12:0 a.m. · 10 views

Update Protection against Microsoft Internet Explorer Memory Corruption Vulnerabilities (MS06-042)

Microsoft Internet Explorer is prone to multiple memory corruption vulnerabilities. The application fails to properly handle un-initialized COM objects and chained Cascading Style Sheets (CSS). This flaw allows attackers to cause denial of service and possibly to execute arbitrary code by convincin...

CVSS 7.5 · AI score 7.3 · EPSS 0.54931
Exploits: 0

CVE
added 2006/10/09 9:0 p.m. · 41 views

CVE-2005-4813

CVE-2005-4813 : Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certai...

CVSS 5 · AI score 7.1 · EPSS 0.01344
Exploits: 0 · References: 8 · Affected Software: 4

securityvulns
added 2006/09/26 12:0 a.m. · 32 views

faceStones personal <= v2.0.42 (objpath) Remote File Inclusion Exploit

faceStones personal <= v2.0.42 (objpath) Remote File Inclusion Exploit. Critical Level : Dangerous Vendor sit...

AI score 1.5
Exploits: 0

seebug.org
added 2006/09/25 12:0 a.m. · 28 views

faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln

No description provided by source. faceStones personal <= v2.0.42 (objpath) Remote File Inclusion Exploit...

AI score 7.1
Exploits: 0

NVD
added 2006/08/31 10:4 p.m. · 12 views

CVE-2006-4495

Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll...

CVSS 7.5 · AI score 7.8 · EPSS 0.54991
Exploits: 0 · References: 5