4747 matches found
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description A use-after-free vulnerability exists in the palette reduction functionality of OptiPNG. Impact A remote attacker could entice a user to open a specially crafted imag...
Hewlett-Packard Application Information Optimizer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Application Information Optimizer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ability to access configuration pages without authentication...
HP AIO Archive Query Server oasoa.exe Stack Buffer Overflow (CVE-2013-6189)
A stack buffer overflow vulnerability exists in HP Application Information Optimizer. The vulnerability is due to insufficient sanitization on the range of the opcode value. A remote unauthenticated attacker can leverage this vulnerability by sending crafted messages to the server...
HP Application Information Optimizer security vulnerabilities
Code execution, information disclosure...
[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04140965 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04140965 Version: 1 HPSBMU02971 rev....
HP Application Information Optimizer任意代码执行漏洞
Bugtraq ID:65766 CVE ID:CVE-2013-6203 HP Application Information Optimizer数据库软件可用智能数据管理和存储将结构化数据占用空间降至最低,并实现应用信息价值最大化。 HP Application Information Optimizer WEB控制台组件存在未明漏洞,允许远程攻击者利用漏洞执行任意代码。 0 HP Application Information Optimizer 7.1 HP Application Information Optimizer 7.0 HP Application...
HP Application Information Optimizer敏感信息泄漏漏洞
Bugtraq ID:65764 CVE ID:CVE-2013-6204 HP Application Information Optimizer数据库软件可用智能数据管理和存储将结构化数据占用空间降至最低,并实现应用信息价值最大化。 HP Application Information Optimizer WEB控制台组件存在未明漏洞,允许远程攻击者利用漏洞获取部分敏感数据。 0 HP Application Information Optimizer 7.1 HP Application Information Optimizer 7.0 HP Application...
CVE-2013-6204
The Web Console in HP Application Information Optimizer formerly HP Database Archiving 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004...
CVE-2013-6203
The Web Console in HP Application Information Optimizer formerly HP Database Archiving 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656...
Code injection
The Web Console in HP Application Information Optimizer formerly HP Database Archiving 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656...
CVE-2013-6203
The CVE-2013-6203 issue affects HP Application Information Optimizer Web Console (HP AI Optimizer, formerly HP Database Archiving) versions 6.2, 6.3, 6.4, 7.0, and 7.1. The vulnerability allows remote code execution or information disclosure via unspecified vectors, and is exploitable without aut...
CVE-2013-6204
HP Application Information Optimizer Web Console (versions 6.2–7.1) contains a vulnerability that allows remote attackers to execute arbitrary code and disclose information. ZDI-14-041 attributes the flaw to the password reset functionality, enabling an attacker to reset a random account’s passwo...
CVE-2013-6204
The Web Console in HP Application Information Optimizer formerly HP Database Archiving 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004...
mysql: unspecified DoS related to Optimizer (CPU October 2013)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
mysql: unspecified DoS related to Optimizer (CPU October 2013)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...
Mandriva Linux Security Advisory : mariadb (MDVSA-2014:028)
Multiple vulnerabilities has been discovered and corrected in mariadb : Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service crash and possibly execute arbitrary code via a long server version string CVE-2014-0001...