3704 matches found
Objective Systems ASN1C generates code that contains a heap overflow vulnerability
Overview ASN.1 is a standard representation of data for networking and telecommunications applications. Objective System's ASN1C compiler generates C and C++ code that may be vulnerable to heap overflow. Description CWE-122: Heap-based Buffer Overflow - CVE-2016-5080ASN1C is used to generate...
Acer Portal app for Android does not properly validate SSL certificates
Overview The Acer Portal app for Android allows customers to connect to the Acer Cloud. The Acer Portal app, from version 3.9.3.2003 to 3.9.3.2006, does not properly validate SSL certificates when connecting to the Acer Cloud. Description CVE-2016-5648 - CWE-295: Improper Certificate Validation T...
Epiphany Cardio Server is vulnerable to SQL and LDAP injection
Overview The Epiphany Cardio Server is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights. Description Epiphany Cardio Server was reported as being vulnerable to the following issues:CWE-89: Improper Neutralization of Special Elements...
Chiyu Technology fingerprint access control contains multiple vulnerabilities
Overview Multiple models of Chiyu Technology fingerprint access control devices contain a cross-site scripting XSS vulnerability and an authentication bypass vulnerability. Description CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS- CVE-2015-2870According to t...
Raritian PX power distribution software is vulnerable to the cipher zero attack.
Overview Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 aka cipher zero and an arbitrary password. Description CWE-287: Improper...
Ignite Realtime Smack XMPP API contains multiple vulnerabilities
Overview Ignite Realtime's Smack XMPP API ServerTrustManger trusts unauthorized SSL certificates CWE-358 and IQ requests do not verify the from attribute allowing anyone to spoof IQ responses. CWE-345 Description CWE-358:Improperly Implemented Security Check for Standard- CVE-2014-0363 The...
Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability
Overview Fortinet FortiOS 5.0.5, and possibly earlier versions, contains a cross-site scripting vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Fortinet FortiOS 5.0.5, and possibly earlier versions, contains a cross-site...
RealPlayer version 16.0.3.51 contains a buffer overflow vulnerability
Overview RealPlayer version 16.0.3.51 and possibly earlier versions contain a stack-based buffer overflow vulnerability CWE-121. Description CWE-121: Stack-based Buffer Overflow RealPlayer version 16.0.3.51 and possibly earlier versions contain a stack-based buffer overflow vulnerability. The .RM...
The TigerText Free Consumer Private Texting App (iOS) sends unencrypted user information in support requests
Overview The TigerText Free Consumer Private Texting App iOS sends unencrypted user information to TigerText support. Description The TigerText app generates an unencrypted log file containing the TigerText username and password on the device when a user taps on "Contact Customer Support." An ema...
Adobe Shockwave player installs Xtras without prompting
Overview Adobe Shockwave Player installs Xtras that are signed by Adobe or Macromedia without prompting, which can allow an attacker to target vulnerabilities in older Xtras. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe...
Samsung and HTC android phone information disclosure vulnerability
Overview Certain Samsung and HTC android phones store user interactions to the dmesg buffer which could allow a a malicious application to derive certain user-inputted information from the phone. Description The Android operating system on certain Samsung and HTC mobile phones store certain user...
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities
Overview Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities:CWE-79: Improper...
AutoFORM PDM Archive contains multiple vulnerabilities
Overview AutoFORM PDM Archive contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description According to AutoFORM's website AutoFORM PDM Archive is a comprehensive output management solution that encompasses document...
OneOrZero AIMS authentication bypass and SQLi vulnerabilities
Overview OneOrZero Action & Information Management System AIMS is vulnerable to an authentication bypass and SQL injection. Description According to the vendor's website:"OneOrZero AIMS is a powerful enterprise ready suite that includes a help desk, knowledge base, time manager and reporting syst...
Libpurple buffer overflow vulnerability
Overview The Libpurple instant messenger library contains a vulnerability that may allow an attacker to execute arbitrary code. Description Libpurple is an instant messenger IM library that is used by various programs to connect to multiple networks. Libpurple contains a buffer overflow...
IPv6 implementations insecurely update Forwarding Information Base
Overview A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. Description IPv6 networks use the Neighbor Discovery Protocol NDP to detect and locate routers and other on-link...
Windows Media Encoder WMEX.DLL ActiveX Control buffer overflow
Overview The WMEX.DLL ActiveX control, which is installed by Windows Media Encoder 9 Series, contains a buffer overflow vulnerability. Description According to Microsoft, the Windows Media Encoder is a tool used to capture audio and video content using Windows Media. The WMEX.DLL ActiveX control...
Microsoft GDI buffer overflow vulnerability
Overview The Microsoft GDI contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description The Graphics Device Interface GDI is component of the Microsoft Windows user interface. Windows Metafile WMF and Enhanced Metafile EMF are image file formats...
SSH Tectia Client and Server ssh-signer local privilege escalation
Overview The SSH Communications Security Tectia Client and Server products are vulnerable to privilege escalation, which may allow a local user to gain root access. Description The SSH Tectia Client and Server products contain an unspecified privilege escalation vulnerability in ssh-signer. A loc...
Adobe Flash Player asfunction protocol may enable cross-site scripting
Overview The Adobe Flash player asfunction protocol could allow an attacker to conduct cross-site scripting attacks on websites that host vulnerable Flash files. Description The Adobe Flash Player is a player for the Flash media format and enables frame-based animations and multimedia to be viewe...
Microsoft DirectX remote code execution
Overview Microsoft DirectX is vulnerable to a remote code execution vulnerability which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft DirectX is a feature of the Microsoft Windows operating system used for streaming multimedia...
CUPS buffer overflow vulnerability
Overview The Common Unix Printing System contains a buffer overflow vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code. Description The Common Unix Printing System CUPS is a printing service used by many Linux and Unix operating systems. CUPS uses a print...
Microsoft Windows URI protocol handling vulnerability
Overview Microsoft Windows fails to properly handle protocols specified in a URI, which could allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Description A Uniform Resource Identifier URI is a string of characters that can be used to identify a...
Adobe Flash Player FLV integer overflow
Overview A vulnerability in the Adobe Flash Player could allow a remote attacker to execute arbitrary code on an affected system. Description Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser. An integer...
Internet Pictures Corporation iPIX Image Well ActiveX controls contain buffer overflows
Overview The Internet Pictures Corporation iPIX Image Well ActiveX controls contain buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Internet Pictures Corporation has produced equipment and software to create 360...
file integer overflow vulnerability
Overview The file program contains a vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description file is a program for Unix-like operating systems that is used to determine what type of data is contained in a file.file contains a buffer...
Apple QuickTime movie heap buffer overflow vulnerability
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...
Apple iChat fails to properly handle crafted TXT key hashes
Overview A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Description Apple iChat is an instant message client for Apple Mac OS X. Apple iChat Agent is a back-end process that manages iChat sessions and available contacts. Apple...
Cisco IOS fails to properly handle Session Initiated Protocol packets
Overview Cisco devices that run IOS and support voice traffic fail to properly handle Session Initiated Protocol packets. Exploitation of this vulnerability may result in a denial-of-service condition. Description Cisco IOS is an operating system that is used on Cisco network devices. According t...
CA BrightStor ARCserve Backup Tape Engine directly calls user supplied data in RPC requests
Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a vulnerability in its Tape Engine RPC service. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retenti...
Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
Overview A vulnerability exists in the way Microsoft Outlook handles Office Saved Searches .oss. This vulnerability may allow a remote attacker to execute arbitrary code. Description Office Saved Searches .oss contain views of e-mail items that satisfy previous search criteria.Microsoft Outlook...
Citrix ICA Client ActiveX control buffer overflow
Overview A vulnerability in an ActiveX control provided with the Citrix Presentation Server Client could allow a remote attacker to execute arbitrary code on an affected system. Description The Citrix Presentation Server Client software provides an ActiveX control that can be used to integrate th...
Symantec Veritas NetBackup bpcd.exe CONNECT_OPTIONS buffer overflow
Overview Symantec Veritas NetBackup contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon is...
Apple Mac OS X ftpd may allow arbitrary users to determine account name validity
Overview Apple Mac OS X ftpd may allow arbitrary users to determine account name validity. This vulnerability may reveal protected information or allow an attacker to cause a denial-of-service condition. Description According to Apple Security Update 2006-007:When attempting to authenticate a val...
Microsoft Internet Explorer fails to properly interpret HTML with certain layout combinations
Overview A vulnerability in the way Microsoft Internet Explorer interprets malformed Web pages may lead to execution of arbitrary code. Description Microsoft Internet Explorer contatins a vulnerabilty that could be exploited when Internet Explorer attempts to interpret specially crafted Web pages...
Microsoft Excel fails to properly handle Lotus 1-2-3 files
Overview Microsoft Excel contains a vulnerability in the handling of malformed Lotus 1-2-3 files, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains an unspecified vulnerability that could be exploited when Exc...
Microsoft PowerPoint fails to properly handle malformed data records
Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed data records, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint...
Microsoft DirectAnimation Path ActiveX control fails to validate input
Overview The Microsoft DirectAnimation Path ActiveX control fails to properly validate input. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft DirectAnimation Path object is an ActiveX control that is used to move object...
Apple QuickTime fails to properly handle FLC movies
Overview Apple QuickTime fails to properly handle FLC movies. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime is multimedia software that allows users to view local and remote audio, vide...
Microsoft Management Console cross-site scripting vulnerability
Overview Microsoft Management Console MMC is vulnerable to cross-site scripting, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MMCMMC is an application that allows a user to perform administrative tasks. Through the use of various snap-ins, MMC ca...
Microsoft Internet Explorer HTML layout rendering vulnerability
Overview Microsoft Internet Explorer fails to properly render certain HTML layout combinations. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the rendering of certain HTML layout combinations...
Apple Mac OS X Image RAW vulnerable to buffer overflow via specially crafted Canon RAW image
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description RAW image files provide access to image information directly from a camera's sensor prior to in-camera processing, retaining the...
Mozilla fails to properly handle simultaneous XPCOM events
Overview Mozilla products are vulnerable to memory corruption via simultaneous XPCOM events. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description XPCOMXPCOM is a cross-platform component object model similar to Microsoft COM or CORBA. XPCOM provides the...
Mozilla JavaScript engine contains multiple integer overflows
Overview The Mozilla JavaScript engine contains multiple integer overflows. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products that use the Mozilla JavaScript engine are vulnerable to integer overflows. Specifically, the...
Microsoft Internet Explorer fails to properly handle CLSID extensions
Overview Microsoft Internet Explorer fails to properly handle directories with CLSID extensions. This may allow an attacker to bypass the warning dialog that Internet Explorer should display before executing downloaded code. Description CLSID According to Microsoft MSDN, A CLSID is a "globally...
Apple QuickTime FlashPix integer overflow
Overview Apple QuickTime fails to properly handle FlashPix images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remo...
Mozilla Firefox designMode deleted object reference
Overview Mozilla Firefox contains a deleted object reference vulnerability. This may allow a remote attacker to execute arbitrary code. Description Mozilla Firefox contains a vulnerability that causes a deleted object to be referenced when designMode is set to "on." When Firefox attempts to use...
Mozilla products border-rendering code vulnerability using CSS
Overview A vulnerability in the way Mozilla products and derivative programs handle certain CSS methods could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system. Description The Mozilla browser and derived products include support for Content Style...
RealNetworks products vulnerable to buffer overflow via specially crafted MBC file
Overview Numerous RealNetworks products are vulnerable to a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer RealNetworks RealPlayer is a multimedia application that allows users to view local and remote...
Adobe Flash products contain multiple vulnerabilities
Overview Several vulnerabilities in Adobe Macromedia Flash products may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web...