CVE-2009-2453

CVE-2009-2453 affects Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3. The issue is that an access policy is not applied when the policy is defined with the Access Gateway Advanced Edition filters, enabling bypass of intended access restrictions via unknown vectors. The conn...

Immunity Canvas: MS09_032

Name| ms09032 ---|--- CVE| CVE-2008-0015 Exploit Pack| CANVAS Description| Microsoft DirectShow msvidctl.dll Vulnerability Notes| CVE Name: CVE-2008-0015 Vendor: Microsoft Notes: Tested against a Windows XP SP2 & SP3 English, German & Simplified Chinese with IE 6. IE 7 asks for confirmation befor...

Immunity Canvas: NAGIOS_PING

Name| nagiosping ---|--- CVE| CVE-2009-2288 Exploit Pack| CANVAS Description| nagiosping Notes| CVE Name: CVE-2009-2288 VENDOR: http://www.nagios.org/ CVEUrl: https://vulners.com/cve/CVE-2009-2288 Notes: statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands vi...

Immunity Canvas: ZENCART_REMOTE

Name| zencartremote ---|--- CVE| CVE-2009-2255 Exploit Pack| CANVAS Description| zencartremote Notes| Repeatability: Infinite CVE URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2255 VENDOR: www.zen-cart.com/ CVSS: 6.8 CVE Name: CVE-2009-2255...

HT-MP3Player 1.0 (.ht3 File) Local Buffer Overflow Exploit (SEH)

No description provided by source. !/usr/bin/perl by hack4love [email protected] HT-MP3Player 1.0 .ht3 File Local buffer Overflow seh Greetz to all my friends form egypt easy :d Tested on: Windows XP Pro SP2 EN my $bof="\x41" x 4108; my $nsh="\xEB\x06\x90\x90"; my $seh="\xbe\x2e\xd1\x72"; my...

CVE-2009-0903

IBM WebSphere Application Server WAS 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remot...

Design/Logic Flaw

IBM WebSphere Application Server WAS 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remot...

Microsoft Security Bulletin MS09-027 - Critical

Microsoft Security Bulletin MS09-027 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution 969514 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities that could allow remote...

Immunity Canvas: SAFARI_FILE_STEALING2

Name| safarifilestealing2 ---|--- CVE| CVE-2009-1699 Exploit Pack| CANVAS Description| Safari 3.2 XSL File Stealing Notes| CVE Name: CVE-2009-1699 VENDOR: Apple Reference: http://scary.beasts.org/security/CESA-2009-006.html Arugments: After you have placed your single file in the correct...

CVE-2009-0239

Cross-site scripting XSS vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Sear...

PT-2009-3206 · Microsoft · Office For Mac +4

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel versions 2000 SP3 through 2003 SP3 Microsoft Office Excel versions 2007 SP1 through SP2 Microsoft Office Excel Viewer version 2003 SP3 Microsoft Office Excel Viewer affected versions not specified Microsoft Office...

Microsoft Security Bulletin MS09-021 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)

Microsoft Security Bulletin MS09-021 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 969462 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities that could allow...

Microsoft Windows Search Script Execution Vulnerability (963093)

This host is missing a critical security update according to Microsoft Bulletin MS09-023. OpenVAS Vulnerability Test $Id: secpodms09-023.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Search Script Execution Vulnerability 963093 Authors: Nikita MR Updated By: Antu Sanadi on 2012-03-22...

Security Update for the 2007 Microsoft Office System (KB969679)

A security vulnerability exists in the 2007 Microsoft Office System and the Microsoft Office Compatibility Pack that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Microsoft Word Record Parsing Buffer Overflow Vulnerability

Description Microsoft Word is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Office...

Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability

Description Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Immunity Canvas: DOKUWIKI_EXEC2

Name| dokuwikiexec2 ---|--- CVE| CVE-2009-1960 Exploit Pack| CANVAS Description| DokuWiki 2009-02-14 Globals overwrite / Code execeution Notes| References: 'www.securityfocus.com/bid/35095' CVE Name: CVE-2009-1960 Repeatability: Infinite CVE Url:...

DSquare Exploit Pack: D2SEC_VPNJUN

Name| d2secvpnjun ---|--- CVE| CVE-2009-1943 Exploit Pack| D2ExploitPack Description| Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability Notes|...

Microsoft Windows Server 2003 win32k.sys DoS Vulnerability

This host is running Windows Server 2003 operating system and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmswin2k3dosvuln.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Server 2003 win32k.sys DoS Vulnerability Authors: Nikita MR Copyright: Copyright c 20...

IBM DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities

The IBM DB2 database server running on the remote host is prior to 9.5 Fix Pack 4. It is, therefore, affected by multiple issues : - It may be possible to connect to DB2 servers without valid passwords, provided LDAP-based authentication is used and the remote LDAP server is configured to allow...