475 matches found
Web page content may overlap the address field – Opera Security Advisories
The browser’s user interface contains several pieces of security information. To preserve this information correctly, web page content should not be able to display over the user interface. Certain styling can cause Opera to allow the content to be displayed outside the page, over the address...
Directory traversal
Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server RLKS 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related t...
CVE-2010-3761
Unspecified vulnerability in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-700. NOTE: this might overlap CVE-2010-3058 or CVE-2010-3059...
kernel: mm: keep a guard page below a grow-down stack segment
The doanonymouspage function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to t...
CVE-2010-2302
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...
xpdf: multiple integer overflows
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF file that trigger...
CVE-2009-2438
Cross-site scripting XSS vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote attackers to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap CVE-2008-1399...
CVE-2008-3398
Multiple cross-site scripting XSS vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129...
CVE-2008-1910
Stack-based buffer overflow in the database service ibserver.exe in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244...
CVE-1999-1592
Technical details about CVE-1999-1592 are not publicly provided in the supplied documents; no explicit affected products, vulnerable components, root cause, or remediation are present. Monitor for updates.
CVE-2007-3269
Multiple cross-site scripting XSS vulnerabilities in Papoo Light 3.6 before 20070611 allow remote attackers to inject arbitrary web script or HTML via 1 the URI in a GET request or 2 the Title field of a visitor comment, and 3 allow remote authenticated users to inject arbitrary web script or HTM...
CVE-2007-1195
Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728...
CVE-2006-5524
Cross-site scripting XSS vulnerability in index.php in phplist 2.10.2 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: This issue might overlap CVE-2006-5321...
Security Vulnerability in IPFilter 3.3.15 and 3.4.3
Obfuscation Research Laboratories Security Advisory ORL-2000-05-19-01 IPFILTER FIREWALLS SYNOPSIS A weakness exists in the IPFilter firewalling package in all versions up to and including 3.3.15 and 3.4.3 that allows an attacker to penetrate the firewall when a common, yet admittedly flawed,...
CVE-1999-1592
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129...