Lucene search
+L

2170 matches found

nvd
nvd
added 2007/03/07 9:19 p.m.25 views

CVE-2007-1330

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

4.4CVSS6.2AI score0.00692EPSS
Exploits0References6
prion
prion
added 2007/03/07 9:19 p.m.28 views

Open redirect

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

4.4CVSS6.8AI score0.00692EPSS
Exploits0References6Affected Software1
cve
cve
added 2007/03/07 9:0 p.m.46 views

CVE-2007-1330

CVE-2007-1330 affects Comodo Firewall Pro (CFP) versions 2.4.18.184 and earlier. The issue is a local privilege bypass in which an attacker can bypass driver protections for the registry key HKLM\SYSTEM\Software\Comodo\Personal Firewall by guessing the name of a Named Pipe under \Device\NamedPipe...

4.4CVSS6.3AI score0.00692EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2007/03/07 9:0 p.m.28 views

CVE-2007-1330

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

6.2AI score0.00692EPSS
Exploits0References6
securityvulns
securityvulns
added 2007/03/02 12:0 a.m.26 views

Comodo Bypassing settings protection using magic pipe Vulnerability

Hello, We would like to inform you about a vulnerability in Comodo Firewall Pro. Description: Comodo Firewall Pro former Comodo Personal Firewall stores some of its internal settings in the registry key HKLMSYSTEMSoftwareComodoPersonal Firewall. This key is protected by Comodo drivers such that...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2007/03/02 12:0 a.m.47 views

Comodo Firewall protection bypass

Application uses named pipe with changing, but predictable name which allows to manipulate protection settings...

4.4CVSS2.8AI score0.00692EPSS
Exploits0References1Affected Software2
nvd
nvd
added 2007/01/30 6:28 p.m.21 views

CVE-2007-0603

PGP Desktop before 9.5.1 does not validate data objects received over the 1 \pipe\pgpserv named pipe for PGPServ.exe or the 2 \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which...

7.1CVSS7AI score0.05133EPSS
Exploits0References11
prion
prion
added 2007/01/30 6:28 p.m.23 views

Design/Logic Flaw

PGP Desktop before 9.5.1 does not validate data objects received over the 1 \pipe\pgpserv named pipe for PGPServ.exe or the 2 \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which...

7.1CVSS7.5AI score0.05133EPSS
Exploits0References11Affected Software1
cve
cve
added 2007/01/30 6:0 p.m.52 views

CVE-2007-0603

Summary: CVE-2007-0603 affects PGP Desktop before 9.5.1. The PGP Desktop service (PGPServ.exe/PGPsdkServ.exe) fails to validate data objects sent via named pipes “\pipe\pgpserv” and “\pipe\pgpsdkserv,” enabling a remote, authenticated attacker to cause code execution by sending a crafted data obj...

7.1CVSS7AI score0.05133EPSS
Exploits0References11Affected Software1
securityvulns
securityvulns
added 2007/01/28 12:0 a.m.154 views

Medium Risk Vulnerability in PGP Desktop

Peter Winter-Smith of NGSSoftware has discovered a medium risk vulnerability in PGP Desktop which can allow a remote authenticated attacker to execute arbitrary code on a system on which PGP Desktop is installed. The vulnerability resides within the Windows Service which PGP Desktop installs whic...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/01/28 12:0 a.m.54 views

PGP Desktop code execution

PGPServ.exe/PGPsdkServ.exe Service doesn't validate data received through named pipe pipepgpserv or pipepgpsdkser...

7.1CVSS2.6AI score0.05133EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2007/01/26 12:0 a.m.56 views

PGP Desktop PGPserv Crafted Data Object Arbitrary Code Execution

The version of PGP Desktop installed on the remote host reportedly can allow a remote, authenticated user to execute arbitrary code on the affected host with LOCAL SYSTEM privileges. The issue arises because the software operates a service named 'PGPServ' or 'PGPsdkServ' that exposes a named pipe...

7.1CVSS6.2AI score0.05133EPSS
Exploits0References3
seebug
seebug
added 2006/12/06 12:0 a.m.21 views

Microsoft Windows SMB PIPE远程拒绝服务漏洞

Microsoft Windows是一款流行的操作系统。 Microsoft Windows srv.sys驱动存在NULL指针引用问题,远程攻击者可以利用漏洞对操作系统进行拒绝服务攻击。 发送特殊构建的网络包可导致服务驱动srv.sys引用NULL指针,而导致系统崩溃。ISS发现一个错误利用Windows Mailslot漏洞MS06-035的攻击代码已经流传开来,不过此利用代码恰好利用了一个不同的漏洞,并且没有补丁,其通过NULL指针引用来触发,目前没有详细漏洞细节提供。 Microsoft Windows XP Professional x64 Edition Microsoft...

7AI score
Exploits0
checkpoint_advisories
checkpoint_advisories
added 2006/11/23 12:0 a.m.51 views

Microsoft Windows Workstation Service Buffer Overflow (MS06-070; CVE-2006-4691)

The Server Service SRVSVC is one of the network services supplied by Microsoft. It supports file, print, and named-pipe sharing over Windows-based networks, and allows named pipe communication between applications running on distributed systems. By supplying malformed parameters to some of the AP...

10CVSS6.4AI score0.80214EPSS
Exploits8
zdt
zdt
added 2006/11/18 12:0 a.m.21 views

MS Windows NetpManageIPCConnect Stack Overflow Exploit (py)

Exploit for unknown platform in category remote exploits =========================================================== MS Windows NetpManageIPCConnect Stack Overflow Exploit py =========================================================== !/usr/bin/python MS06-070 Windows WorkStation...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/18 12:0 a.m.8 views

Microsoft Windows - NetpManageIPCConnect Remote Stack Overflow (MS06-070) (Python)

Microsoft Windows - NetpManageIPCConnect Remote Stack Overflow MS06-070 Python !/usr/bin/python MS06-070 Windows WorkStation NetpManageIPCConnect Vulnerability Exploit Tested on windows 2000 server SP4 Usage: python NetAPI-NetrJoinDomain2.py Requires a domain controller on the network configure...

0.7AI score
Exploits0
nvd
nvd
added 2006/11/07 11:7 p.m.23 views

CVE-2006-5784

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can be leveraged by local users to...

4.6CVSS6.5AI score0.02918EPSS
Exploits0References9
nessus
nessus
added 2006/10/14 12:0 a.m.32 views

Debian DSA-1049-1 : ethereal - several vulnerabilities

Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1932 The OID printing routine is susceptible to an off-by-one error. - CVE-2006-1933 The UMA and BER...

10CVSS7.8AI score0.05028EPSS
Exploits0References19
ubuntucve
ubuntucve
added 2006/05/26 1:6 a.m.40 views

CVE-2006-2611

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

4.3CVSS6.1AI score0.01848EPSS
Exploits1References1
nessus
nessus
added 2006/04/26 12:0 a.m.21 views

Fedora Core 5 : ethereal-0.99.0-fc5.1 (2006-456)

Many security vulnerabilities have been fixed since the previous release. - The H.248 dissector could crash. Versions affected: 0.10.14. CVE: CVE-2006-1937 - The UMA dissector could go into an infinite loop. Versions affected: 0.10.12 - 0.10.14. CVE: CVE-2006-1933 - The X.509if dissector could...

10CVSS7.6AI score0.05028EPSS
Exploits0References10
Rows per page
Query Builder