Avaya IP Office one-X Portal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Avaya IP Office one-X Portal. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserConfigurationService and UploadFromLocalDriveServlet servlets. Th...

Cisco Fixes Three Bugs in Secure ACS Platform

Cisco has released patches for three vulnerabilities in its Secure Access Control System, including two flaws that could enable a remote attacker to take complete control of an affected system. Cisco’s Secure ACS is part of the company’s TrustSec solution, which the company says “supports the...

Novell Client nwspool.dll EnumPrinters Function Stack Buffer Overflow - Ver2 (CVE-2008-0639)

There exists a buffer overflow vulnerability in the way Novel Client for Windows handles RPC requests. The vulnerability is due to lack of boundary protection while processing RPC requests. A remote unauthenticated attacker may exploit this vulnerability to cause a denial of service condition or...

CVE-2013-5424

IBM Flex System Manager FSM 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account...

CVE-2013-5424

The IBM Security Bulletin confirms CVE-2013-5424 affects IBM Flex System Manager (FSM) 1.3.0, where an expired password for the system-level USERID lets an attacker bypass access controls and create rogue accounts or execute tasks. Affected product/version: FSM 1.3.0. Root cause: expired system-l...

Websense Triton 7.1.x < 7.1.3 / 7.5.x < 7.5.3 / 7.6.0 < 7.6.1 / 7.6.2 < 7.6.3 Remote Command Execution

The remote application is running Websense Triton, a commercial suite of web filtering products. The remote instance of Websense Triton fails to sanitize user-supplied input specifically affecting the 'explorerwse/wsirpt.exe' file. An attacker can exploit this issue to execute arbitrary commands...

Microsoft Office Pinyin IME 2010 CVE-2013-3859 Local Privilege Escalation Vulnerability

Description Microsoft Office is prone to a local privilege-escalation vulnerability that exists in the Pinyin Input Method Editor IME. A local attacker can exploit this issue to execute arbitrary code with system-level privileges, resulting in a complete compromise of the affected computer...

Microsoft Windows Print Spooler Service CVE-2013-1339 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the Print Spooler Service. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers...

n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.001 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Command Shell Grants System-Level Access Risk: LOW Overview: The Polycom Command Shell ...

Polycom HDX Privilege Escalation

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.001 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: setenv othbootargs "devboot=bogus" - reboot reboot, are you sure? y This wil...

Microsoft Windows CVE-2013-1287 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

Microsoft Windows CVE-2013-1285 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2778344)

This host is missing an important security update according to Microsoft Bulletin MS13-016. OpenVAS Vulnerability Test $Id: secpodms13-016.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2778344 Authors: Antu Sanadi Copyright: Copyrig...

Microsoft Windows CSRSS CVE-2013-0076 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies...

Microsoft Windows Print Spooler Service CVE-2013-0011 Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler Service. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft Windows 7 for...

Microsoft Windows CVE-2013-0008 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

Microsoft Windows File Handling Component Remote Code Execution Vulnerability (2758857)

This host is missing a critical security update according to Microsoft Bulletin MS12-081. OpenVAS Vulnerability Test $Id: secpodms12-081.nasl 5351 2017-02-20 08:03:12Z mwiegand $ Microsoft Windows File Handling Component Remote Code Execution Vulnerability 2758857 Authors: Sharath S Copyright:...

IBM System Director Remote System Level Exploit &#40;CVE-2009-0880 extended zeroday&#41;

IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...

Safend Data Protector Multiple Vulnerabilities

Safend Data Protector Multiple Vulnerabilities Client software 3.4.5586.9772: Advisory Link: http://www.reactionpenetrationtesting.co.uk/safend-private-key-log-file.html Details CVE number: CVE-2012-4767 The private key data is in the securitylayer.log file in a directory called "logs.9772". This...