Lucene search
+L

4503 matches found

nvd
nvd
added 2006/11/28 1:7 a.m.18 views

CVE-2006-6133

Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 formerly Business Objects Crystal Reports XI Professional allows user-assisted remote attackers to execute arbitrary code via a crafted RP...

7.6CVSS7.8AI score0.5202EPSS
Exploits0References12
cve
cve
added 2006/11/28 1:0 a.m.59 views

CVE-2006-6133

CVE-2006-6133 is a remote-code-execution flaw in Crystal Reports for Visual Studio, affecting Visual Studio 2002/2003/2005 variants that bundle Crystal Reports. The vulnerability lies in how RPT files are parsed, allowing a crafted RPT file to execute arbitrary code with the caller’s privileges w...

7.6CVSS7.8AI score0.5202EPSS
Exploits0References12Affected Software2
cvelist
cvelist
added 2006/11/28 1:0 a.m.19 views

CVE-2006-6133

Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 formerly Business Objects Crystal Reports XI Professional allows user-assisted remote attackers to execute arbitrary code via a crafted RP...

7.8AI score0.5202EPSS
Exploits0References12
seebug
seebug
added 2006/11/28 12:0 a.m.13 views

Business Objects Crystal Reports XI Professional文件处理缓冲区溢出漏洞

Business Objects Crystal Reports XI Professional是专业的水晶报表系列。 Business Objects Crystal Reports XI Professional处理.RPT文件存在问题,远程攻击者可以利用漏洞进行缓冲区溢出攻击,可能以进程权限执行任意指令。 目前没有详细漏洞细节提供。 Business Objects Crystal Reports XI Professional http://www.businessobjects.com/...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/23 12:0 a.m.23 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/11/23 12:0 a.m.19 views

Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

source: https://www.securityfocus.com/bid/21261/info Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. An atacker may...

7.4AI score
Exploits0
seebug
seebug
added 2006/11/07 12:0 a.m.57 views

LibRPM查询报告任意代码执行漏洞

RPM软件包管理器(RPM)是一款功能强大的命令行软件包管理系统,可用于安装、卸载、核实、查询和更新计算机软件包。 RPM库在处理查询报告时存在漏洞,某些畸形RPM软件包可能导致函数库崩溃或导致执行恶意指令。 如果用户受骗查询了特制的RPM软件包的话,就可能导致以用户的权限执行任意指令。 RPM RPM Package Manager = 4.4.9 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.rpm.org/...

7.1AI score
Exploits0
ubuntu
ubuntu
added 2006/11/04 3:12 a.m.49 views

USN-378-1: RPM vulnerability

An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges...

5.4CVSS6AI score0.03581EPSS
Exploits1
ubuntucve
ubuntucve
added 2006/10/23 5:7 p.m.22 views

CVE-2006-5455

Cross-site request forgery CSRF vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL...

2.6CVSS6AI score0.01573EPSS
Exploits0References1
cvelist
cvelist
added 2006/10/23 5:0 p.m.35 views

CVE-2006-5455

Cross-site request forgery CSRF vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL...

6.7AI score0.01573EPSS
Exploits0References11
nvd
nvd
added 2006/10/18 1:7 a.m.25 views

CVE-2006-5359

Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln 1 REP01 and 2 REP02. NOTE: as of 20061027, Oracle has no...

10CVSS6.6AI score0.02782EPSS
Exploits0References10
cvelist
cvelist
added 2006/10/18 1:0 a.m.25 views

CVE-2006-5359

Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln 1 REP01 and 2 REP02. NOTE: as of 20061027, Oracle has no...

9.3AI score0.02782EPSS
Exploits0References10
cve
cve
added 2006/10/18 1:0 a.m.66 views

CVE-2006-5359

Technical details about CVE-2006-5359 are not publicly available in the provided documents. Monitor for updates from official advisories; current sources only reference generic vulnerabilities in Oracle Reports Developer without specifics.

10CVSS9.3AI score0.02782EPSS
Exploits0References10Affected Software2
cve
cve
added 2006/10/09 9:0 p.m.46 views

CVE-2005-4813

CVE-2005-4813 : Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certai...

5CVSS7.1AI score0.01816EPSS
Exploits0References8Affected Software4
nvd
nvd
added 2006/10/05 4:4 a.m.11 views

CVE-2006-5150

SQL injection vulnerability in the reports system in OpenBiblio before 0.5.2 allows remote attackers with report privileges to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.3AI score0.00995EPSS
Exploits0References5
cvelist
cvelist
added 2006/10/02 11:0 p.m.19 views

CVE-2006-5150

SQL injection vulnerability in the reports system in OpenBiblio before 0.5.2 allows remote attackers with report privileges to execute arbitrary SQL commands via unspecified vectors...

8.3AI score0.00995EPSS
Exploits0References5
nvd
nvd
added 2006/07/06 8:5 p.m.21 views

CVE-2006-3383

Cross-site scripting XSS vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports...

5.8CVSS5.5AI score0.01146EPSS
Exploits0References3
cvelist
cvelist
added 2006/07/06 8:0 p.m.23 views

CVE-2006-3383

Cross-site scripting XSS vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports...

5.5AI score0.01146EPSS
Exploits0References3
seebug
seebug
added 2006/06/19 12:0 a.m.37 views

ASP Stats Generator <= 2.1.1 SQL Injection Vulnerabilities

No description provided by source. /------------------------------------------------ IHS Public advisory -------------------------------------------------/ ASP Stats Generator SQL-ASP injection - Code Excution ASP Stats Generator is a powerful website counter, completely written in ASP programmin...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/06/18 12:0 a.m.49 views

RE: Cisco Secure ACS Cross Site Scripting Vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Cisco PSIRT response to the statements made by Thomas Liam Romanis of Fujitsu Services Limited in their posting to BugTraq on the 15th June 2006, regarding Cisco Secure ACS LoginProxy.CGI Cross-Site Scripting Vulnerability, located at...

6.6AI score
Exploits0
Rows per page
Query Builder