6722 matches found

NVD
added 2010/11/22 8:0 p.m. · 21 views

CVE-2010-4302

/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing UVC System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive...

CVSS 4.9 · AI score 5.8 · EPSS 0.00352
Exploits 0 · References 3
RedHat Linux
added 2010/11/10 7:0 p.m. · 0 views

OpenJDK JPEG writeImage remote code execution (6963023)

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

CVSS 10 · AI score 5.9 · EPSS 0.05616
Exploits 0 · References 4
Check Point Advisories
added 2010/11/09 12:0 a.m. · 4 views

Microsoft Word Unchecked Index Value Remote Code Execution (MS10-079; CVE-2010-2750)

Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in the way that Microsoft Word handles index values inside a specially crafted Word file. The vulnerability is due to an error in Microsoft Word that fails to properly parse specially...

CVSS 9.3 · AI score 7.1 · EPSS 0.20833
Exploits 1
Tenable Nessus
added 2010/11/02 12:0 a.m. · 42 views

Fedora 12 : freetype-2.3.11-6.fc12 (2010-15785)

Mon Oct 4 2010 Marek Kasik 2.3.11-6 - Add freetype-2.3.11-CVE-2010-2805.patch Fix comparison. - Add freetype-2.3.11-CVE-2010-2806.patch Protect against negative stringsize. Fix comparison. - Add freetype-2.3.11-CVE-2010-2808.patch Check the total length of collected POST segments. - Add...

CVSS 9.3 · AI score 5.8 · EPSS 0.30653
Exploits 13 · References 25
NVD
added 2010/10/26 7:0 p.m. · 20 views

CVE-2010-2584

The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an ht...

CVSS 5 · AI score 6.7 · EPSS 0.01242
Exploits 0 · References 4
Prion
added 2010/10/26 7:0 p.m. · 14 views

Buffer overflow

Multiple buffer overflows in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls allow remote attackers to execute arbitrary code via a long (1) DestURL or (2) SourceFile property value...

CVSS 10 · AI score 8.3 · EPSS 0.04709
Exploits 0 · References 4 · Affected Software 1
securityvulns
added 2010/10/16 12:0 a.m. · 48 views

VUPEN Security Research - Microsoft Office Word Return Value Handling Vulnerability (CVE-2010-3215)

VUPEN Security Research - Microsoft Office Word Return Value Handling Vulnerability CVE-2010-3215 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability to...

CVSS 9.3 · AI score 7.5 · EPSS 0.20833
Exploits 1
NVD
added 2010/10/08 10:0 p.m. · 23 views

CVE-2010-3886

The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory...

CVSS 4.3 · AI score 6.1 · EPSS 0.16803
Exploits 1 · References 4
Cvelist
added 2010/10/08 9:0 p.m. · 38 views

CVE-2010-3886

The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory...

AI score 6.1 · EPSS 0.16803
Exploits 1 · References 4
Check Point Advisories
added 2010/10/03 12:0 a.m. · 3 views

Mozilla Products nsCSSValue Array Index Integer Overflow (CVE-2010-2752)

Mozilla Firefox and Seamonkey are popular open source web browsers from Mozilla Foundation. An integer overflow vulnerability exists in Mozilla products including Firefox, Thunderbird, and SeaMonkey. The vulnerability is due to a 16-bit integer value used in allocating the size of the array class...

CVSS 9.3 · AI score 9.6 · EPSS 0.09782
Exploits 5
FreeBSD
added 2010/09/20 12:0 a.m. · 14 views

FreeBSD -- Integer overflow in bzip2 decompression

Problem Description: When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow...

AI score 3.2
Exploits 0
CVE
added 2010/09/07 5:0 p.m. · 58 views

CVE-2010-3254

Technical details for CVE-2010-3254 are not publicly detailed in the provided connected documents. The set includes references and mappings to the CVE across OpenVAS, Ubuntu advisories, and NVD, but no concrete exploit vectors, affected versions beyond Chrome before 6.0.472.53, or remediation spe...

CVSS 10 · AI score 9.4 · EPSS 0.01852
Exploits 1 · References 4 · Affected Software 1
UbuntuCve
added 2010/09/07 12:0 a.m. · 23 views

CVE-2010-3254

The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVSS 10 · AI score 6 · EPSS 0.01852
Exploits 1 · References 2
OSV
added 2010/09/07 12:0 a.m. · 0 views

UBUNTU-CVE-2010-3254

The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVSS 10 · AI score 5.8 · EPSS 0.01852
Exploits 1 · References 3
Cvelist
added 2010/08/25 7:0 p.m. · 29 views

CVE-2010-2935

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoi...

AI score 7.1 · EPSS 0.07089
Exploits 0 · References 30
Zero Day Initiative
added 2010/08/24 12:0 a.m. · 30 views

Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

CVSS 10 · AI score 6.6 · EPSS 0.06051
Exploits 0 · References 1
OSV
added 2010/08/19 6:0 p.m. · 1 views

DEBIAN-CVE-2010-2806

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based...

CVSS 6.8 · AI score 7.8 · EPSS 0.05839
Exploits 1 · References 1
Positive Technologies
added 2010/08/11 12:0 a.m. · 2 views

PT-2010-3520 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions Gold, SP2, and R2 Microsoft Windows 7 Description: The issue arises from t...

CVSS 7.2 · AI score 7.5 · EPSS 0.03428
Exploits 6 · References 7
Zero Day Initiative
added 2010/08/10 12:0 a.m. · 39 views

Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the codec responsible for parsing layer ...

CVSS 10 · AI score 6.2 · EPSS 0.23415
Exploits 0 · References 1
RedHat Linux
added 2010/08/04 9:30 p.m. · 2 views

tomcat handling of cookie values

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks...

CVSS 4.3 · AI score 5.8 · EPSS 0.16944
Exploits 4 · References 4