Microsoft VBScript And JScript Scripting Engines Integer Overflow Code Execution Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote code-execution vulnerability due to an integer-overflow error. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run wit...

DEBIAN-CVE-2012-3866

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for lastrunreport.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file...

http-slowloris NSE Script

Tests a web server for vulnerability to the Slowloris DoS attack by launching a Slowloris attack. Slowloris was described at Defcon 17 by RSnake see . This script opens and maintains numerous 'half-HTTP' connections until the server runs out of resources, leading to a denial of service. When a...

Siemens Simatic S7-1200 CPU START/STOP Module

Exploit Title: Siemens Simatic S7 1200 CPU command module Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3 'Siemens Simatic S7-1200 CPU START/STOP Module', 'Description'...

Siemens Simatic S7-300/400 CPU START/STOP Module

Exploit for hardware platform in category remote exploits Exploit Title: Siemens Simatic S7 300/400 CPU command module Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-300 PLC CVE : None require 'msf/core' class Metasploit3...

Siemens Simatic S7-1200 CPU START/STOP Module

Exploit for hardware platform in category remote exploits Exploit Title: Siemens Simatic S7 1200 CPU command module Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3...

ACDSee Pro < 5.2 Multiple Memory Corruption Vulnerabilities

ACDSee, an image editing application, is installed on the remote host. The installed version of ACDSee is earlier than 5.2 and thus is potentially affected by multiple vulnerabilities : - Insufficient validation in IDICO.apl when copying colors from cursors in .CUR files can be exploited to cause...

Design/Logic Flaw

Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes...

CVE-2011-3068

Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes...

CVE-2011-3068

Removed by vendor...

CVE-2011-3068

Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes...

Apache 2.4 Comes Out, Major update after 6 years

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and...

Microsoft Windows C Run-Time Library Remote Code Execution Vulnerability (2654428)

This host is missing a critical security update according to Microsoft Bulletin MS12-013. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fedora 15 : polipo-1.0.4.1-6.fc15 (2012-0849)

add daily cache cleanup - fix missing creation of /var/run directory bz 755198 - make sure log directory context is set correctly bz 741779 - fix denial of service vulnerability CVE-2011-3596 bz 742897 Note that Tenable Network Security has extracted the preceding description block directly from...

CVE-2011-5057

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...

Design/Logic Flaw

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...

CVE-2011-3339

The CVE-2011-3339 entry describes an XSS vulnerability in the Admin Control Center of SafeNet Sentinel HASP/SRM, affecting HASP Run-time Environment 5.95 and earlier, with installers before 6.x and SDKs before 5.11. The issue arises from inadequate input validation in the web application, which c...

Privilege escalation

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)

This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...

How to Edit Multiple Alarms at the Same Time

Purpose This article provides supplemental information regarding batch alarm editing. As documented in the Veeam ONE Monitoring Guide, in batch editing mode, you can only change the Assignment, Notifications, Actions, and Suppression alarm settings. Solution For information about modifying multip...