164 matches found
Microsoft Visual Basic ActiveX Controls Remote Code Execution (MS08-070; CVE-2008-3704; CVE-2008-4252; CVE-2008-4253; CVE-2008-4254; CVE-2008-4255; CVE-2008-4256)
Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic: CVE-2008-425...
CA Products That Embed Ingres Multiple Vulnerabilities
Title: CA Products That Embed Ingres Multiple Vulnerabilities CA Advisory Date: 2008-08-01 Reported By: iDefense Labs Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition. Summary: CA products that embed Ingres contain multiple...
CGI::Session CGISESSID Cookie值目录遍历漏洞
BUGTRAQ ID: 30267 CGI::Session是一个Perl5库,可提供可靠易用的模块化会话管理系统。 CGI::Session没有充分的过滤CGISESSID cookie值便将其用在了File驱动中创建会话数据文件的文件名。如果远程攻击者在cookie值中注入了目录遍历序列,就会导致File驱动从配置的会话数据目录以外的任意文件读取会话数据。 仅在满足了所有以下条件的情况下才可以利用这个漏洞: 1 Web应用使用了CGI::Session中的File驱动管理会话。 2 Web应用部署于基于Windows的系统。 3...
VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2008-0009 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX,...
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
a. VMware Tools Local Privilege Escalation on Windows-based guest OS The VMware Tools Package provides support required for shared folders HGFS and other features. An input validation error is present in the Windows-based VMware HGFS.sys driver. Exploitation of this flaw might result in arbitrary...
Microsoft Active Directory LDAP Request Denial of Service (MS08-035; CVE-2008-1445)
Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode ADAM is a Lightweight Directory Access Protocol LDAP directory service that runs as a user service.A denial of service vulnerability has been reported in...
Security Update for Flash Player (KB923789)
Security issues have been identified in Macromedia Flash Player from Adobe that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart yo...
Directory traversal
Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ dot dot backslash sequence in the filename, as stor...
Trend Micro ServerProtect SpntSvc buffer overflow vulnerability
Overview Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The...
VMSA-2007-0004 Multiple Denial-of-Service issues fixed
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2007-0004 Synopsis: Multiple Denial-of-Service issues fixed Issue date: 2007-05-04 Updated on: 2007-05-04 CVE numbers: CVE-2007-1069...
Firewall security risks-vulnerability warning-the black bar safety net
By KenshinB. C. T Published in the manual hacker 0 6. 6 Reproduced please indicate:http://www. loveshell. net Potatoes Amnesty let me out of here,we respect the lower! Thank you! Himself for the firewall always nothing good, in invasion, they're rather nasty stumbling block is. They not only put...
ARCserve Backup for Laptops & Desktops Server Admin Service Detection
BrightStor ARCserve Backup for Laptops & Desktops Server formerly BrightStor Mobile Backup Server, an enterprise class backup solution for remote and mobile Windows-based PCs, is installed on the remote host. And the service listening on this port is used by the application's Server Explorer to...
ARCserve Backup for Laptops & Desktops Server Detection
BrightStor ARCserve Backup for Laptops & Desktops Server / BrightStor Mobile Backup Server, an enterprise class backup solution for remote and mobile Windows-based PCs, is installed on the remote host. And the service listening on this port is used by clients to backup and restore files...
RealServer Describe Buffer Overflow
This module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers. This module requires Metasploit: https://metasploit.com/download Current source:...
Security Update for Flash Player (KB923789)
Security issues have been identified in Macromedia Flash Player from Adobe that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart yo...
Security Update for Flash Player (KB913433)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system with a vulnerable version of the Flash Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you...
Security Update for Flash Player (KB913433)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system with a vulnerable version of the Flash Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you...
[Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy
Hat-Squad Advisory: Remote Heap Corruption Vulnerability in Interaction SIP Proxy Product: Interaction SIP Proxy Vendor: Interactive Intelligence Inc. http://www.inin.com Systems Affected: Vonexus Enterprise Interaction Center Interaction SipProxy 3.0.010 Release Date: 12/21/2005 Vendor Status:...
Don't let upload My Chosen pass-vulnerability warning-the black bar safety net
Recently busy with the development of a WAP mobile website, several days did not sleep, is because UTF8 conversion for GB problems. Online though there are ready-made ASP script can be converted, but the conversion process or some character conversion. Helpless in a successful development of the...
Hosting Controller 0.6.1 - User Registration (1)
Domain: Username: INP...