CVE-2011-4055

Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 aka 6.6 SP1, 7.5.217 aka 7.5 SP2, and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL...

Microsoft PowerPoint DLL加载远程代码执行漏洞(MS11-094)

BUGTRAQ ID: 50967 CVE ID: CVE-2011-3396 PowerPoint是一个由Microsoft公司开发的演示文稿程序，是Microsoft Office系统中的其中一个组件。它支持Microsoft WindowsApple的Mac OS X操作系统。 PowerPoint处理特制.ppt文件的方式中存在不安全加载DLL文件漏洞，成功利用后可允许攻击者以当前用户权限执行任意代码。 Microsoft Office 2008 for Mac Microsoft Office 2007 Microsoft PowerPoint 2007 临时解决方法：...

Microsoft PowerPoint OfficeArt远程代码执行漏洞(MS11-094)

BUGTRAQ ID: 50964 CVE ID: CVE-2011-3413 PowerPoint是一个由Microsoft公司开发的演示文稿程序，是Microsoft Office系统中的其中一个组件。它支持Microsoft WindowsApple的Mac OS X操作系统。 PowerPoint处理特制.ppt文件的方式中存在远程代码执行漏洞，成功利用后可允许攻击者以当前用户权限执行任意代码。 Microsoft Office 2008 for Mac Microsoft Office 2007 Microsoft PowerPoint 2007 临时解决方法：...

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

DEBIAN-CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

Microsoft Office共享组件DLL加载任意代码执行漏洞(MS11-023)

BUGTRAQ ID: 47246 CVE ID: CVE-2011-0107 Microsoft Office是一套由微软公司开发的办公软件，它为Microsoft Windows和Apple Macintosh操作系统而开发。 Microsoft Office在实现上存在共享组件DLL加载任意代码执行，远程攻击者可利用此漏洞以当前用户权限执行任意代码。 Microsoft...

UltraEdit Insecure Library Loading Vulnerability

This host is installed with UltraEdit and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: secpodultraeditinsecurelibraryloadingvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ UltraEdit Insecure Library Loading Vulnerability Authors: Madhuri D Copyright: Copyright ...

Sun Java - Web Start Plugin Command Line Argument Injection (Metasploit)

$Id: javawsarginjectaltjvm.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-1507

Vulnerability CVE-2010-1507 affects WebYaST in the yast2-webclient of SUSE Linux Enterprise 11 on the WebYaST appliance. The root cause is a fixed secret key embedded in the appliance image, which enables remote attackers to spoof session cookies by exploiting knowledge of this key. Publicly know...

CVE-2009-4824

Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."...

CVE-2009-4824

Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."...

Design/Logic Flaw

Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."...

CVE-2009-4824

CVE-2009-4824 affects Kolab Webclient <= 1.1.x (before 1.2.0) and Kolab Server

CVE-2009-4824

Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."...

Sun Java Web Start Plugin Command Line Argument Injection

$Id: javawsarginjectaltjvm.rb 9097 2010-04-16 08:08:40Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...