1291 matches found
Code injection
The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to...
CVE-2011-1789
The CVE-2011-1789 entry describes an unsigned self-extracting installer in the vSphere Client Installer for VMware vCenter 4.0 (before Update 3) and 4.1 (before Update 1), as well as VMware ESXi 4.x (before 4.1 Update 1) and ESX 4.x (before 4.1 Update 1). The root cause is the lack of a digital s...
Symantec AppStream and Workspace Streaming vulnerable to arbitrary code download and execution
Overview The Symantec AppStream and Workspace Streaming clients fail to properly validate downloads, which can allow a remote, unauthenticated attacker to download and execute arbitrary code on a vulnerable system. Description Symantec Workspace Streaming is a software distribution solution that...
DSA-1729-1 gst-plugins-bad0.10 - multiple vulnerabilities
Bulletin has no description...
CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
ThinkVantage System Update < 3.14 SSL Certificate Issuer Spoofing
The remote host is running ThinkVantage System Update, a software distribution tool for Lenovo computers. The version of System Update installed on the remote host reportedly does not perform certificate chain verification when initiating an SSL connection with an update server. An attacker who...
CA DSM gui_cm_ctrls.ocx ActiveX控件远程代码执行漏洞
BUGTRAQ ID: 28809 CVECAN ID: CVE-2008-1786 CA桌面和服务器管理(DSM)产品中包含多种应用,分别用来执行软件分发、远程控制和资产管理任务。 DSM产品所提供的guicmctrls ActiveX控件没有充分的验证函数输入,如果用户受骗访问了恶意网页的话就可能导致拒绝服务或在WEB浏览器会话中执行任意代码。 Computer Associates guicmctrls.ocx 11.2.3.1896 Computer Associates guicmctrls.ocx 11.2.2000.4 Computer Associates...
security flaw
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENVUSERVAR command...
security flaw
Buffer overflow in the slcaddreply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character SLC commands...
adobe.acrobat.netbus.trojan.txt
Date:Tue, 6 Apr 1999 07:41:06 -0600 Reply-To:"Wamsley, James R" Sender:Windows NT BugTraq Mailing List From:"Wamsley, James R" Subject:Adobe put Trojan horse in Acrobat. Comments:To: "[email protected]" Comments:cc: "Samos, Randy B." We recently found an alarming problem with Adobe's...
Systems Management Server 2003 Service Pack 3
Microsoft Systems Management Server SMS 2003 with Service Pack 3 SP3 brings full Vista support to your organization beyond just OS Deployment, which is already available through the OS Deployment Feature Pack. Now, full lifecycle support of Microsofts latest platform including software...