Lucene search
K

2946 matches found

Metasploit
Metasploit
added 2006/12/03 11:35 p.m.25 views

Microsoft Plug and Play Service Registry Overflow

This module triggers a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. Since the PnP service runs inside the service.exe process, this module will result in a forced reboot on Windows 2000. Obtaining cod...

6.5CVSS7.9AI score0.63062EPSS
Exploits3
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.32 views

IBM多个产品未明信任书伪造漏洞

IBM包含多系列产品,如IBM Tivoli,IBM WebSphere等。 IBM多个产品存在信任书伪造问题,远程攻击者可以利用这个漏洞访问资源和数据或可能控制应用程序。 目前报告此问题可以使攻击者利用COOKIE或伪造其他信任用户未授权访问资源,目前没有详细漏洞细节提供。 IBM Tivoli Access Manager for e-business 5.1 IBM Tivoli Access Manager for e-business 4.1 IBM Tivoli Access Manager for e-business 3.9 IBM Tivoli Access Manag...

6.8AI score
Exploits0
myhack58
myhack58
added 2006/09/23 12:0 a.m.15 views

Malware and anti-malware technical analysis-vulnerability warning-the black bar safety net

Malware technology of all kinds, of any one function are likely to become a rogue technology, just like weapons, with the good may justice, with a crooked but become evil accomplice. First of all, I From win32 under some rogue bus analysis start: 1. I want to be a malware, the first thing to do i...

0.1AI score
Exploits0
NVD
NVD
added 2006/08/23 1:4 a.m.13 views

CVE-2006-4302

The Java Plug-in J2SE 1.3.002 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities...

5CVSS6.9AI score0.03946EPSS
Exploits0References10
Cvelist
Cvelist
added 2006/08/23 1:0 a.m.24 views

CVE-2006-4302

The Java Plug-in J2SE 1.3.002 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities...

6.9AI score0.03946EPSS
Exploits0References10
CVE
CVE
added 2006/08/23 1:0 a.m.55 views

CVE-2006-4302

CVE-2006-4302 affects the Java Plug-in J2SE 1.3.0_02–5.0 Update 5, and Java Web Start 1.0–1.2 and J2SE 1.4.2–5.0 Update 5. Remote attackers could exploit vulnerabilities by specifying a JRE version that contains vulnerable components. The available documents do not provide concrete exploit detail...

5CVSS7AI score0.03946EPSS
Exploits0References10Affected Software2
myhack58
myhack58
added 2006/08/10 12:0 a.m.17 views

Several home malicious code-vulnerability warning-the black bar safety net

Here to say a few page malicious code:"not is to let everybody put these code into your homepage! Just want everyone to be able to understand the malicious code, play a better protective effect!" A, The Loop code: "Put the following code added to the page, you can achieve the above effects" img...

7AI score
Exploits0
securityvulns
securityvulns
added 2006/08/02 12:0 a.m.74 views

Netscape/K-Meleon/Flock JavaScript navigator Vulnerability

Description: The newest versions of Netscape, K-Meleon and Flock browsers are affected to JavaScript navigator vulnerability described in http://browserfun.blogspot.com/2006/07/mobb-28-mozilla-navigator-object.html and Mozilla Foundation Security Advisory 2006-45. When method used in a web page...

7.5CVSS5.7AI score0.78359EPSS
Exploits11
securityvulns
securityvulns
added 2006/07/22 12:0 a.m.115 views

D-Link Router UPNP Stack Overflow

D-Link Router UPNP Stack Overflow Release Date: July 13, 2006 Date Reported: February 27, 2006 Patch Development Time In Days: 136 Severity: High Remote Code Execution Vendor: D-Link Routers Affected: DI-524 Rev A DI-524 Rev C DI-524 Rev D DI-604 Rev E DI-624 Rev C DI-624 Rev D DI-784 Rev A...

0.3AI score
Exploits0
NVD
NVD
added 2006/07/21 2:3 p.m.27 views

CVE-2006-3687

Stack-based buffer overflow in the Universal Plug and Play UPnP service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long...

7.5CVSS8.1AI score0.19134EPSS
Exploits0References11
Cvelist
Cvelist
added 2006/07/18 9:0 p.m.27 views

CVE-2006-3687

Stack-based buffer overflow in the Universal Plug and Play UPnP service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long...

8.1AI score0.19134EPSS
Exploits0References11
CVE
CVE
added 2006/07/18 9:0 p.m.75 views

CVE-2006-3687

The CVE-2006-3687 issue is a stack-based buffer overflow in the UPnP service of several D-Link routers (DI-524, DI-604, DI-624, DI-784, WBR-1310, WBR-2310, EBR-2310) triggered by an oversized M-SEARCH UDP 1900 request. The CERT document notes this could allow a remote attacker to execute arbitrar...

7.5CVSS8.1AI score0.19134EPSS
Exploits0References11Affected Software7
Tenable Nessus
Tenable Nessus
added 2006/07/05 12:0 a.m.36 views

CentOS 3 : mozilla (CESA-2005:384)

Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bu...

7.5CVSS6.9AI score0.20398EPSS
Exploits10References28
Positive Technologies
Positive Technologies
added 2006/07/03 12:0 a.m.5 views

PT-2006-4236 · None +1 · Upnp +1

Name of the Vulnerable Software and Affected Versions: Siemens Speedstream Wireless Router version 2624 Description: The issue allows local users to bypass authentication and access protected files by utilizing the Universal Plug and Play UPnP/1.0 component. Recommendations: For Siemens Speedstre...

7.5CVSS6.6AI score0.01524EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2006/05/24 12:0 a.m.4 views

PT-2006-3507 · Edimax · Edimax Br-6104K

Name of the Vulnerable Software and Affected Versions: Edimax BR-6104K router affected versions not specified Description: The issue allows remote attackers to bypass access restrictions and conduct unauthorized operations. This is achieved via a UPnP request with a modified InternalClient...

7.5CVSS6.6AI score0.01548EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2006/05/24 12:0 a.m.2 views

PT-2006-3506 · Sitecom · Sitecom Wl-153

Name of the Vulnerable Software and Affected Versions: Sitecom WL-153 router firmware versions prior to 1.38 Description: The issue allows remote attackers to bypass access restrictions and conduct unauthorized operations. This is achieved via a UPnP request with a modified InternalClient...

7.5CVSS6.8AI score0.01548EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2006/05/22 12:0 a.m.23 views

Sun Java Runtime Environment 1.3/1.4/1.5 - Nested Array Objects Denial of Service

source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime Environment versions up to 1.4.211...

7AI score
Exploits0
myhack58
myhack58
added 2006/05/14 12:0 a.m.16 views

ASP database plug horse small conference-vulnerability warning-the black bar safety net

With the development of technology, ASP database plug horse also is not what fresh stuff, believe you played this. Oh, and that you have not met insert the asp code is spaces apart case? i.e. insertion of each of the characters between the There are spaces for? Now, let us to solve this problem...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2006/05/05 12:0 a.m.44 views

Vulnerability in the way [email protected] handles MS-Logon Authentication.

AGR IT Advisory May 2, 2006 AGR-ADV-2006-01 TITLE: Vulnerability in the way [email protected] handles MS-Logon Authentication. Overview Deon Force discovered a vulnerability in Ultr@VNC 1.0.1 and earlier versions with MS-Logon I and MS-Logon II authentication that may allow attackers to crack the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/04/11 12:0 a.m.98 views

Microsoft Windows system services privilege escalation

There are several local services SSDP Discovery service, Universal Plug and Play Host service allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" HP Printer...

3AI score
Exploits0References4
Rows per page
Query Builder