16 matches found
KLA11281 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A buffer overflow vulnerability can be exploited...
KLA10747 Obsolete PHP version in XAMPP & WAMP
An obsolete version of PHP was found in XAMPP & WAMP. Details about the PHP vulnerabilities are available at KLA10746. Original advisories - Related products PHP CVE list CVE-2016-1904 critical CVE-2016-1903 high CVE-2015-8617 critical CVE-2015-8616 critical CVE-2015-6836 critical CVE-2015-6833 warning...
KLA10671 Flash Player update for Google Chrome
Google Chrome was updated to address vulnerabilities in Flash Player. For details, see KLA10670. Original advisories Blog entry Exploitation Public exploits exist for this vulnerability. Related products Google-Chrome CVE list CVE-2015-5573 critical CVE-2015-5574 critical CVE-2015-5575 critica...
KLA10530 JRE update for multiple VMware products
Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details, see KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...
KLA10447 Multiple vulnerabilities in Java SE
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to cause loss of integrity, denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Vectors related to Swing, Hotspot, JAX-WS,...
KLA10448 Multiple Pidgin vulnerabilities
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information and write local files. Below is a complete list of vulnerabilities: 1. Vectors related to Jabber protocol can be exploited remotely...
KLA10077 WLF vulnerability in Apple iTunes
A permissions vulnerability was found in Apple iTunes. By exploiting this vulnerability malicious users can modify local files. This vulnerability can be exploited locally via standard file system operations. Original advisories Apple bulletin Related products Apple-iTunes CVE list CVE-2014-1347...
KLA10169 WLF vulnerability in Emacs
An unspecified vulnerability was found in GNU Emacs. By exploiting this vulnerability malicious users can overwrite arbitrary tmp files. This vulnerability can be exploited locally via a symlink attack. Original advisories - Related products GNU-Emacs CVE list CVE-2014-3424 warning CVE-2014-3423...
KLA10394 Multiple vulnerabilities in Siemens
Multiple critical vulnerabilities have been found in Siemens products. Malicious users can exploit these vulnerabilities to read & modify arbitrary files, cause denial of service, execute arbitrary code, bypass authentication, obtain access and inject arbitrary HTTP headers. Below is a complete...
KLA10322 RLF & WLF vulnerabilities in Serv-U
A directory traversal was found in Serv-U FTP Server. By exploiting this vulnerability malicious users can read and write arbitrary files. This vulnerability can be exploited remotely via a specially designed path. Original advisories - Exploitation Public exploits exist for this vulnerability...
KLA10058 WLF vulnerability in Altiris Notification Server
An unspecified vulnerability was found in Symantec products. By exploiting this vulnerability malicious users can download and write local files. This vulnerability can be exploited from the network at a point related to eXpress NS SC Download. Original advisories Symantec security advisory...
KLA10154 WLF vulnerability in FTP Voyager
A directory traversal vulnerability was found in FTP Voyager. By exploiting this vulnerability malicious users can write arbitrary files. This vulnerability can be exploited remotely via a specially designed filename. Original advisories test results Related products FTP-Voyager CVE list...
KLA10172 Vulnerability in Garmin Communicator Plugin
An improper restriction was found in Garmin Communicator Plug-In. By exploiting this vulnerability malicious users can obtain sensitive information or reconfigure a GPS device. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products...
KLA10339 WLF vulnerability in SpeedProject
A directory traversal vulnerability was found in SpeedProject products. By exploiting this vulnerability malicious users can overwrite local files. This vulnerability can be exploited remotely at a point related to the JAR and ZIP archives. Original advisories - Related products...
KLA10377 WLF vulnerability in Veritas Backup Exec
Insecure authentication was found in Veritas Backup Exec. By exploiting this vulnerability malicious users can read & write arbitrary code. This vulnerability can be exploited remotely at a point related to NDMP agent. Original advisories Symantec bulletin Related products VERITAS-Backup-Exec CVE list...
KLA10294 WLF vulnerability in Pine
A race condition was found in Pine. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited locally via a symlink attack. Original advisories - Related products Pine CVE list CVE-2005-1066 warning Solution Update to latest version Impact...