(0Day) IBM Lotus Notes cai URI Handler Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of malformed strings within cai:// URIs. The '--launcher.library' switch ca...

ReOS Local File Include and SQL Injection Vulnerabilities

ReOS is prone to a local file-include vulnerability and multiple SQL- injection vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

[SECURITY] Fedora 13 Update: perl-CGI-3.51-1.fc13

CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...

CVE-2010-3840

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

Code injection

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

samba: mount.cifs improper device name and mountpoint strings sanitization

client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the 1 device name and 2 mountpoint strings are composed of valid characters, which allows local users to cause a denial of service mtab corruption via a crafted string...

PT-2011-1615 · Eclipse +1 · Eclipse Ide +1

Name of the Vulnerable Software and Affected Versions: Eclipse IDE versions prior to 3.6.2 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the Help Contents web application of the Eclipse IDE. These vulnerabilities allow remote attackers to inject arbitrary we...

Windows Gather SNMP Settings

This module will enumerate the SNMP service configuration. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather SNMP Settings', 'Description' = %q This module will enumerate the SNMP...

MonoMoonlight Generic Type Argument - Privilege Escalation

MonoMoonlight Generic Type Argument - Privilege Escalation Sources: https://www.chrishowie.com/2010/11/24/mutable-strings-in-mono/ https://www.securityfocus.com/bid/45051/info Mono and Moonlight is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to...

Mono/Moonlight Generic Type Argument - Privilege Escalation

Sources: https://www.chrishowie.com/2010/11/24/mutable-strings-in-mono/ https://www.securityfocus.com/bid/45051/info Mono and Moonlight is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges. Successful...

PYSEC-2011-28

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

Fedora Update for libHX FEDORA-2010-12950

Check for the Version of libHX OpenVAS Vulnerability Test Fedora Update for libHX FEDORA-2010-12950 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

MySQL: crash when loading data into geometry function PolyFromWKB() (MySQL Bug#51875)

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)

Array index error in the t42parsesfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based...

Tiki Wiki CMS Groupware 5.2 Multiple Vulnerabilities

Exploit for php platform in category web applications ==================================================== Tiki Wiki CMS Groupware 5.2 Multiple Vulnerabilities ==================================================== Tiki Wiki CMS Groupware is prone to a local file-include vulnerability and a...

[SECURITY] Fedora 13 Update: libHX-3.6-1.fc13

A library for: - rbtree with key-value pair extension - deques double-ended queues Stacks LIFO / Queues FIFOs - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option argv parser...

Cisco IOS Software Multiple SNMP Community String Vulnerabilities - Cisco Systems

Multiple Cisco IOS Software and CatOS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices. ...

CentOS Update for freetype CESA-2010:0607 centos3 i386

Check for the Version of freetype OpenVAS Vulnerability Test CentOS Update for freetype CESA-2010:0607 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks

Microsoft Windows win32k!xxxRealDrawMenuItem missing HBITMAP bounds checks ---------------------------------------------------------------------------- Microsoft produce two builds of each of thier supported operating system, a checked build and a free build. The free build is intended for end...

Ubuntu Update for OpenLDAP vulnerabilities USN-965-1

Ubuntu Update for Linux kernel vulnerabilities USN-965-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9651.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for OpenLDAP vulnerabilities USN-965-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...