551 matches found
Microsoft Office WPG图形文件处理堆溢出漏洞(MS08-044)
BUGTRAQ ID: 30598 CVECAN ID: CVE-2008-3021 Microsoft Office是非常流行的办公软件套件。 Office的WPGIMP32.FLT模块没有正确地处理office文档中的PICT图形,如果PICT图形文件中包含有超长的bitsperpixel字段的话,则打开该文件就可能触发堆溢出,导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office Converter Pack Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3...
CVE-2007-5574
PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...
CVE-2007-5313
PHP remote file inclusion vulnerability in install/config.php in Picturesolution 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...
Microsoft Windows Media Player Remote Skin Header Code Execution Vulnerability
Description Microsoft Windows Media Player is prone to a remote code-execution vulnerability when handling specially crafted skin files. Attackers exploit this issue by coercing unsuspecting users to download and open Windows Media Player skin files WMZ or WMD files. Note that users must attempt ...
Microsoft Agent ActiveX Control Remote Code Execution Vulnerability
Description The Microsoft Agent ActiveX control is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page. Technologies Affected Avaya S8100 Media Servers Avaya S8100 Media Servers R10 Avaya S8100 Media Servers...
UPB_0-day.txt
"; $ikey = ordsubstr$key, $i, 1; // print $i."ikey:".$ikey.""; $itext = ordsubstr$text, $i, 1; // p...
Infoseek / Verity Ultraseek < 5.3.3 XSS Vulnerability
Infoseek / Verity Ultraseek formerly Inktomi Search is vulnerable to cross-site scripting XSS and remote script injection due to a lack of sanitization of user-supplied data. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are...
GLSA-200412-27 : PHProjekt: Remote code execution vulnerability
The remote host is affected by the vulnerability described in GLSA-200412-27 PHProjekt: Remote code execution vulnerability cYon discovered that the authform.inc.php script allows a remote user to define the global variable $pathpre. Impact : A remote attacker can exploit this vulnerability to...
CVE-2020-0579
...
Security Update for Excel 2007 (KB934670)
A security vulnerability exists in Microsoft Excel 2007 that could allow remote code execution. This update resolves that vulnerability...
Security Update For Exchange Server 2016 CU10 (KB4459266)
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs;...