195 matches found

Japan Vulnerability Notes
added 2014/01/10 12:0 a.m. | 24 views

JVN#44392991: Security File Manager vulnerable to directory traversal

Security File Manager provided by CGENE Inc contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...

CVSS 5.8 | AI score 6.6 | EPSS 0.00344
Exploits 0

CVE
added 2013/06/18 10:0 p.m. | 336 views

CVE-2013-2444

CVE-2013-2444 is listed in MiracleLinux AXSA advisories as an unspecified vulnerability in the Java Runtime Environment, with the description noting an issue in the JRE related to resources handling in AWT that could affect availability (potential font processing/temporary files). The MiracleLinu...

CVSS 5 | AI score 6.4 | EPSS 0.04906
Exploits 0 | References 29 | Affected Software 1

OpenVAS
added 2013/04/05 12:0 a.m. | 31 views

CentOS Update for thunderbird CESA-2013:0697 centos6

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2013:0697 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

CVSS 10 | AI score 0.3 | EPSS 0.03049
Exploits 1 | References 2

OSV
added 2012/06/05 10:55 p.m. | 2 views

DEBIAN-CVE-2012-0248

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service infinite loop and hang via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF...

CVSS 5.5 | AI score 6.1 | EPSS 0.00286
Exploits 0 | References 1

RedHat Linux
added 2011/02/17 6:11 p.m. | 4 views

OpenJDK JAXP untrusted component state manipulation (6927050)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the Februar...

CVSS 5 | AI score 5.9 | EPSS 0.08078
Exploits 0 | References 4

Cvelist
added 2010/11/20 9:0 p.m. | 20 views

CVE-2010-3819

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets CSS boxes, which allows remote attackers to execute arbitrary code or cause a...

AI score 8.9 | EPSS 0.02577
Exploits 0 | References 11

Exploit DB
added 2010/09/20 12:0 a.m. | 37 views

eIQNetworks ESA - Topology DELETEDEVICE Overflow (Metasploit)

$Id: eiqnetworksesatopology.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVSS 10 | AI score 6.6 | EPSS 0.7153
Exploits 8

CVE
added 2010/08/25 7:0 p.m. | 34 views

CVE-2010-2362

The CVE-2010-2362 issue affects Winny 2.0b7.1 and earlier. It is a vulnerability in the processing of node information, which can be exploited by a remote attacker to have the infected host participate in Distributed Denial of Service (DDoS) activity. As described in JVN sources, affected users m...

CVSS 10 | AI score 6.8 | EPSS 0.00349
Exploits 0 | References 3 | Affected Software 1

Exploit DB
added 2010/03/25 12:0 a.m. | 57 views

Lexmark Multiple Laser printers - Remote Stack Overflow

Application: Lexmark Multiple Laser printer Remote Stack Overflow Platforms: Lexmark Multiple Laser printer Exploitation: Remote Exploitable CVE Number: CVE-2010-0619 Discover Date: 2010-01-06 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com 1 Introductio...

CVSS 7.3 | AI score 6.5 | EPSS 0.28432
Exploits 6

Check Point Advisories
added 2009/08/11 12:0 a.m. | 4 views

Microsoft Windows AVI Processing Malformed Header Code Execution (MS09-038; CVE-2009-1545)

Audio Video Interleave AVI is a special case of Resource Interchange File Format RIFF. This file type used with applications that capture, edit, and play back audio-video sequences. A remote code execution vulnerability has been discovered in the way Microsoft Windows handles specially crafted AV...

CVSS 9.3 | AI score 7.6 | EPSS 0.53375
Exploits 1

Oracle linux
added 2008/07/14 12:0 a.m. | 26 views

bluez-libs and bluez-utils security update

bluez-libs: 3.7-1.1 - Fix CVE-2008-2374 Resolves: 452880 bluez-utils: 3.7-2.2 - Add explicit versioned Requires and BuildRequires for new bluez-libs 3.7-2.1 - Fix CVE-2008-2374 452715 SDP payload processing vulnerability...

CVSS 7.5 | AI score 6.5 | EPSS 0.06445
Exploits 2

NVD
added 2008/04/25 6:5 a.m. | 15 views

CVE-2008-1937

The user form processing userform.py in MoinMoin before 1.6.3, when using ACLs or a non-empty superusers list, does not properly manage users, which allows remote attackers to gain privileges...

CVSS 6.8 | AI score 6.6 | EPSS 0.01
Exploits 1 | References 8

Tenable Nessus
added 2006/06/23 12:0 a.m. | 30 views

FreeBSD : opera -- JPEG processing integer overflow vulnerability (799) (deprecated)

The remote host is missing an update to the system The following package is affected: linux-opera This plugin has been deprecated since the advisory has been canceled. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the VuXML entry has been cancelled. Disabled on 2011/10/02. ...

AI score 0.4 | EPSS 0.09592
Exploits 0 | References 1

Cvelist
added 2005/02/08 5:0 a.m. | 19 views

CVE-2004-1244

Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large 1 width or 2 height values, aka the "PNG Processing Vulnerability."...

AI score 7.5 | EPSS 0.42545
Exploits 0 | References 7

OSV
added 2002/12/17 12:0 a.m. | 32 views

DSA-212 mysql - multiple problems

Bulletin has no description...

CVSS 7.5 | AI score 6 | EPSS 0.25364
Exploits 1