1331 matches found
CVE-2006-2708
CVE-2006-2708 affects Secure Elements Class 5 AVR client (C5 EVM) prior to version 2.8.1. Affected component: EM_GET_CE_PARAMETER and EM_SET_CE_PARAMETER message handling. Root cause: remote attackers can alter the size parameter, causing a buffer over-read/read of process memory. Impact (per sou...
Secure Elements Class 5 AVR client fails to properly validate the size of EM_GET_CE_PARAMETER messages
Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMGETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...
Windows limited service account privilege escalation
By using security tokens located in process memory it's possible to escalate privileges from limited service account, such as Network Service or Microsoft SQL Service account...
CVE-2005-2762
Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials...
CVE-2005-2762
Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials...
Novell Groupwise Client 6.5.3 - Local Integer Overflow
Novell Groupwise Client 6.5.3 - Local Integer Overflow source: https://www.securityfocus.com/bid/14952/info Novell GroupWise Client is prone to a local integer overflow vulnerability. The attacker may leverage this issue to corrupt process memory, which may lead to a crash or arbitrary code...
Whisper passwords manager cleartext password
Passwords are visible in cleartext in process memory. Password for password store is not used in ecnryption, allowing to restore passwords from password file...
Vuln: Password Disclosure in Whisper32
Password Disclosure in Whisper32 Vendor: Shaun Ivory http://www.ivory.org Download Location: http://www.ivory.org/whisper.html Versions affected: Whisper32 1.16 and may be prior Date: 13th August 2005 Type of Vulnerability: Information Disclosure in Memory of Process Severity: Medium Solution...
Nortel VPN Client Issue: Clear-text password stored in memory
Nortel VPN Client Issue: Clear-text password stored in memory Summary: NTA Monitor have discovered a password disclosure issue in the Nortel Windows VPN client: The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in...
PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption
source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability...
squid information leak
Reply to malformed request may contain random data from process memory...
Monolith Lithtech Game Engine - Multiple Remote Format String Vulnerabilities
// source: https://www.securityfocus.com/bid/11610/info Lithtech game engine is prone to multiple remote format-string vulnerabilities because of incorrect usage of 'printf'-type functions. Format specifiers can be supplied directly to vulnerable functions from external data. A denial-of-service...
PHP 4.x/5.0.1 - PHP_Variables Remote Memory Disclosure
source: https://www.securityfocus.com/bid/11334/info A vulnerability is reported to present itself in the array parsing functions of the 'phpvariables.c' PHP source file. The vulnerability occurs when a PHP script is being used to print URI parameters or data, that are supplied by a third party,...
MacOS X ppd format string bug
It's possible to read process memory...
LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities
/ source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected application. A malicious user may...
PSOProxy 0.91 - Remote Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt sensitive process memory in the...
PSOProxy 0.91 - Remote Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt sensitive process memory in the...
PSOProxy 0.91 - Remote Buffer Overflow (3)
PSOProxy 0.91 - Remote Buffer Overflow 3 // source: https://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially...
Freeform Interactive Purge 1.4.7Purge Jihad 2.0.1 Game Client - Remote Buffer Overflow
Freeform Interactive Purge 1.4.7Purge Jihad 2.0.1 Game Client - Remote Buffer Overflow source: https://www.securityfocus.com/bid/9671/info Freeform Interactive Purge and Purge Jihad game clients have been reported prone to a remotely exploitable buffer overflow condition. The issue presents itsel...
methane IRCd 0.1.1 - Remote Format String
methane IRCd 0.1.1 - Remote Format String // source: https://www.securityfocus.com/bid/8038/info Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may se...