Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2007/03/06 12:0 a.m.35 views

Apple QuickTime QTIF integer overflow

Overview A vulnerability in Apple QuickTime's handling of files in the QTIF format could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple's QuickTime is a player for files and streaming media in a variety of different formats, including QuickTime Image...

5.8CVSS6.9AI score0.05366EPSS
Exploits1References6
CERT
CERT
added 2007/03/06 12:0 a.m.35 views

Apple QuickTime PICT heap buffer overflow

Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to OS X as their...

5.8CVSS7.4AI score0.06087EPSS
Exploits1References12
CERT
CERT
added 2007/02/26 12:0 a.m.35 views

HP Mercury products vulnerable to buffer overflow

Overview Some HP Mercury products are vulnerable to a buffer overflow and may allow an attacker to execute arbitrary code. Description The magentproc.exe service provided with some HP Mercury products fails to properly parse values in the serveripname field. If an overly long value is sent in thi...

10CVSS7.1AI score0.44457EPSS
Exploits5References5
CERT
CERT
added 2007/02/20 12:0 a.m.35 views

Microsoft Internet Explorer fails to properly interpret certain responses from FTP servers

Overview A vulnerability in the way Microsoft Internet Explorer handles responses from FTP servers may lead to execution of arbitrary code. Description Microsoft Internet Explorer contains an unspecified vulnerability that could be exploited when it attempts to interpret responses from FTP server...

10CVSS6.2AI score0.60813EPSS
Exploits0References5
CERT
CERT
added 2007/01/17 12:0 a.m.35 views

Novell NetMail IMAP vulnerable to buffer overflow when processing "SUBSCRIBE" commands

Overview A vulnerability in the way Novell Netmail handles IMAP SUBSCRIBE commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell Netmail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the SUBSCRIBE...

6.5CVSS7.6AI score0.5367EPSS
Exploits4References4
CERT
CERT
added 2007/01/12 12:0 a.m.35 views

CA BrightStor ARCserve Backup Message Engine RPC buffer overflow

Overview The Computer Associates BrightStor ARCserve Backup Message Engine contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that...

7.5CVSS7.4AI score0.68809EPSS
Exploits16References6
CERT
CERT
added 2007/01/05 12:0 a.m.35 views

OpenOffice fails to properly process WMF and EMF files

Overview Multiple buffer overflow vulnerabilities exist in the OpenOffice.org office suite. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary code on a vulnerable system. Description OpenOffice.org is a free office suite that is available for multiple...

9.3CVSS7.5AI score0.0824EPSS
Exploits0References12
CERT
CERT
added 2006/12/14 12:0 a.m.35 views

Microsoft Word malformed pointer vulnerability

Overview A vulnerability in Microsoft Word could allow an attacker to compromise a vulnerable system. Description Data used by Microsoft Word to construct a destination address for a memory copy routine is embedded within a Word document itself. If an attacker constructs a Word document with a...

9.3CVSS6.4AI score0.40431EPSS
Exploits1References3
CERT
CERT
added 2006/12/06 12:0 a.m.35 views

Microsoft Word malformed string vulnerability

Overview A vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a vulnerability that could be exploited when Word opens a specially crafted document. It is possible that the vulnerability can be exploited by...

9.3CVSS6.6AI score0.31301EPSS
Exploits0References8
CERT
CERT
added 2006/10/25 12:0 a.m.35 views

Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser

Overview Wireshark contains a vulnerability in the IPSec ESP preference parser that may cause a denial of service condition. Description Wireshark contains multiple off-by-one vulnerabilities in the IPSec ESP preference parser when the application has been compiled with ESP decryption support.Thi...

5CVSS8AI score0.04132EPSS
Exploits0References10
CERT
CERT
added 2006/10/24 12:0 a.m.35 views

Oracle SYS.DBMS_CDC_IMPDP package vulnerable to PL/SQL injection

Overview The Oracle SYS.DBMSCDCIMPDP package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle SYS.DBMSCDCIMPDP package is vulnerable to PL/SQL injection...

9CVSS7AI score0.02777EPSS
Exploits0References4
CERT
CERT
added 2006/10/24 12:0 a.m.35 views

Opera Web Browser fails to properly process overly long URLs

Overview The Opera Web Browser fails to properly process overly long URLs. This vulnerability may allow arbitrary code execution. Description Opera is a multi-platform web browser that is available for a range of operating systems and embedded Internet products. Opera contains a heap buffer...

5.1CVSS7.8AI score0.04724EPSS
Exploits0References3
CERT
CERT
added 2006/10/11 12:0 a.m.35 views

Microsoft Office fails to properly parse malformed strings

Overview A vulnerability in the way Microsoft Office parses files with malformed strings may lead to execution of arbitrary code. Description Microsoft Office contains a vulnerability that could be exploited when parsing specially crafted strings. According to Microsoft Security Bulletin...

9.3CVSS6.9AI score0.29568EPSS
Exploits0References1
CERT
CERT
added 2006/09/27 12:0 a.m.35 views

Microsoft Windows WebViewFolderIcon ActiveX integer overflow

Overview The Microsoft Windows WebViewFolderIcon ActiveX control contains an integer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft WebViewFolderIcon object is an ActiveX control that comes with...

9.3CVSS6.9AI score0.63817EPSS
Exploits9References11
CERT
CERT
added 2006/08/16 12:0 a.m.35 views

X.Org server fails to properly test for effective user ID

Overview A vulnerability in the X.Org server could allow a local attacker to gain administrative privileges or cause a denial of service on an affected system. Description The X.Org server program provides several command-line options that are meant to be parsed only when the program is running a...

7.2CVSS6.9AI score0.01099EPSS
Exploits4References10
CERT
CERT
added 2006/07/27 12:0 a.m.35 views

Mozilla products fail to properly validate JavaScript constructors

Overview Mozilla products fail to properly validate references returned by JavaScript constructors. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-51: JavaScript functions have a...

7.5CVSS6.8AI score0.05359EPSS
Exploits0References5
CERT
CERT
added 2006/07/27 12:0 a.m.35 views

Mozilla contains multiple memory corruption vulnerabilities

Overview Mozilla products contain multiple vulnerabilities that can cause memory corruption. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products contain multiple bugs that cause the application to crash. In some cases, a crash may be...

7.5CVSS7.2AI score0.0747EPSS
Exploits0References17
CERT
CERT
added 2006/06/21 12:0 a.m.35 views

Microsoft Hyperlink Object Library stack buffer overflow

Overview The Microsoft Windows system library for handling hyperlinks contains a buffer overflow. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Description Microsoft Hyperlink Object Library HLINK.DLL The Hyperlink Object Library provides interfaces for...

9.3CVSS7.2AI score0.56461EPSS
Exploits6References4
CERT
CERT
added 2006/06/13 12:0 a.m.35 views

Microsoft IP Source Route Vulnerability

Overview A vulnerability in Microsoft Windows could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Source routing is a technique to determine the network route for a packet based on information supplied by the sender in the IP packet. The TCP/IP driver in so...

9.3CVSS7.2AI score0.58027EPSS
Exploits0References1
CERT
CERT
added 2006/05/12 12:0 a.m.35 views

Apple Safari fails to properly handle archive files containing symbolic links

Overview Apple Safari fails to properly handle archive files that contain symbolic links, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Safari Apple Safari is a web browser that comes with the Mac OS X operating system. Symbolic links Symbolic links are...

2.6CVSS7AI score0.0223EPSS
Exploits0References2
CERT
CERT
added 2006/05/12 12:0 a.m.35 views

Apple Quicktime JPEG integer overflow

Overview Apple QuickTime fails to properly handle JPEG images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remote...

5.1CVSS7.5AI score0.03676EPSS
Exploits0References2
CERT
CERT
added 2006/03/14 12:0 a.m.35 views

Microsoft Excel fails to properly perform range validation when parsing document files

Overview Microsoft Excel contains an error in range validation, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate ranges in data files. When a file with a malformed range is opened in Excel,...

6.8CVSS7AI score0.31108EPSS
Exploits0References5
CERT
CERT
added 2006/03/03 12:0 a.m.35 views

Apple Safari vulnerable to buffer overflow

Overview Apple Safari is vulnerable to a stack-based buffer overflow. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Safari Apple Safari is a web browser that comes with the Mac OS X operating system. The Problem Apple Safari contains a stack-based...

6.4CVSS6.9AI score0.07774EPSS
Exploits0References2
CERT
CERT
added 2005/10/18 12:0 a.m.35 views

Snort Back Orifice preprocessor buffer overflow

Overview A buffer overflow exists in the Snort Back Orifice preprocessor that may allow a remote, unauthenticated attacker to execute arbitrary code, possibly with elevated privileges. Description Snort is an open-source intrusion detection system IDS. A lack of validation on attacker-controlled...

7.5CVSS7.5AI score0.83621EPSS
Exploits12References5
CERT
CERT
added 2005/08/09 12:0 a.m.35 views

Microsoft Plug and Play contains a buffer overflow vulnerability

Overview Microsoft Plug and Play contains a flaw in the handling of message buffers that may result in local or remote arbitrary code execution or denial-of-service conditions. Description The following is from the Microsoft Plug and Play description: Plug and Play PnP allows the operating system...

10CVSS7.6AI score0.93405EPSS
Exploits9References14
CERT
CERT
added 2005/08/01 12:0 a.m.35 views

Mozilla insecurely clones objects and member functions

Overview Mozilla fails to enforce security restrictions on cloned base objects. This may allow a remote attacker to execute arbitrary code on a vulnerable web browser. Description Mozilla supports the use of JavaScript to perform client side scripting. JavaScript uses prototyping as a way to...

7.5CVSS6.6AI score0.0596EPSS
Exploits1References7
CERT
CERT
added 2005/05/18 12:0 a.m.35 views

TCP does not adequately validate segments before updating timestamp value

Overview Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition. Description The Transmission Control Protocol TCP is defined in RFC 793 as a means to provide reliable host-to-host transmission between hosts in...

5CVSS6.3AI score0.83284EPSS
Exploits1References3
CERT
CERT
added 2005/05/16 12:0 a.m.35 views

Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs

Overview Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Description The OS X Directory Services have three utilities chpass, chfn, and chsh to update information in the user database, such as user name,...

7.2CVSS7AI score0.00764EPSS
Exploits0References5
CERT
CERT
added 2005/05/09 12:0 a.m.35 views

Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service

Overview The Apple Mac OS X Server HTTP proxy service does not restrict access by default and may allow unintended remote users to use the service. Description Mac OS X Server includes a service to provide for HTTP proxying. The HTTP proxy service does not include any access restrictions in the...

7.5CVSS6AI score0.01307EPSS
Exploits0References2
CERT
CERT
added 2005/02/28 12:0 a.m.35 views

Gaim vulnerable to DoS via specially crafted HTML

Overview Gaim contains a flaw in HTML processing that may result in an invalid memory access and denial of service condition. Description From the Gaim project:Gaim is a multi-protocol instant messaging IM client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ Oscar...

5CVSS6AI score0.03204EPSS
Exploits0References2
CERT
CERT
added 2005/02/21 12:0 a.m.35 views

Gaim vulnerable to HTML processing denial of service

Overview Gaim contains a flaw in HTML processing that may result in an invalid memory access and denial of service condition. Description From the Gaim project:Gaim is a multi-protocol instant messaging IM client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ Oscar...

5CVSS6.2AI score0.03484EPSS
Exploits0References2
CERT
CERT
added 2005/01/11 12:0 a.m.35 views

LibTIFF vulnerable to integer overflow via corrupted directory entry count

Overview An integer overflow in LibTIFF may allow a remote attacker to execute arbitrary code. Description LibTIFF is a library used to encode and decode images in Tag Image File Format TIFF. A lack of validation on user supplied input may allow buffer overflow to occur. TIFF files contain...

7.4AI score
Exploits0References2
CERT
CERT
added 2004/10/15 12:0 a.m.35 views

Microsoft Windows Program Group Converter vulnerable to buffer overflow

Overview Microsoft Program Group Converter contains a buffer overflow that may allow an attacker to execute arbitrary code. Description Microsoft describes Program Group Converter grpconv.exe as a application to "convert Program Manager Group files .grp extention that were created in Windows 3.1,...

10CVSS7.8AI score0.49951EPSS
Exploits1References2
CERT
CERT
added 2004/10/13 12:0 a.m.35 views

Microsoft Windows contains buffer overflow in processing of WMF and EMF image files

Overview A vulnerability in the way the Microsoft Windows Graphics Rendering Engine processes certain types of image files could allow an attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats...

10CVSS7.4AI score0.62054EPSS
Exploits8References4
CERT
CERT
added 2004/10/13 12:0 a.m.35 views

Microsoft Windows kernel fails to properly handle invalid opcodes used in DOS emulation

Overview A vulnerability in the way the Microsoft Windows kernel handles invalid opcodes used in DOS emulation could allow a local attacker to gain elevated privileges on a vulnerable system. Description The Virtual DOS Machine VDM provides support for 16-bit legacy operations and applications. F...

7.2CVSS6.9AI score0.01524EPSS
Exploits0References4
CERT
CERT
added 2004/10/13 12:0 a.m.35 views

Microsoft Windows processing of zip files contains a buffer overflow

Overview A buffer overflow exists in the way Microsoft Windows processes zip files that may allow remote code execution. Description Microsoft Windows XP and Windows Server 2003 feature the ability to natively handle zip files. Microsoft has released bulletin MS04-034 describing a remotely...

10CVSS7.7AI score0.603EPSS
Exploits4References2
CERT
CERT
added 2004/06/22 12:0 a.m.35 views

ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions

Overview The Internet Systems Consortium's ISC Dynamic Host Configuration Protocol DHCP 3 application contains a vulnerability that introduces several potential buffer overflow conditions. Exploitation of this vulnerability can cause a denial-of-service condition to the DHCP Daemon DHCPD and may...

10CVSS7.8AI score0.16773EPSS
Exploits0
CERT
CERT
added 2004/03/23 12:0 a.m.35 views

util-linux login program discloses sensitive information

Overview util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information. Description util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, su...

5CVSS6AI score0.03332EPSS
Exploits0References3
CERT
CERT
added 2004/03/09 12:0 a.m.35 views

Linux kernel do_mremap() call creates virtual memory area of 0 bytes in length

Overview There is a vulnerability in the Linux kernel memory management routines that allows local users to gain superuser privileges. Description The Linux kernel contains a vulnerability in the domremap call that allows software to create a virtual memory area VMA with a length of 0 bytes. This...

6.3AI score
Exploits0References8
CERT
CERT
added 2004/03/05 12:0 a.m.35 views

NTP service vulnerable to internal overflow if date / time offset is greater than 34 years

Overview NTP Network TIme Protocol contains an integer overflow vulnerability that may lead to clients receiving an incorrect date/time offset. Description NTP Network Time Protocol is a method by which client machines can synchronize the local date and time with a reference server. The server wi...

7AI score
Exploits0References3
CERT
CERT
added 2004/02/25 12:0 a.m.35 views

Apple Mac OS X contains a vulnerability in DiskArbitration when initializing writable removable media

Overview Apple Mac OS X contains a vulnerability in the way DiskArbitration initializes writable removable media. Description The DiskArbitration Server in Apple Mac OS X tracks new disks and provides notifications announcing their availability. There is a non-specific vulnerability identified as...

7.5CVSS6AI score0.02272EPSS
Exploits0References2
CERT
CERT
added 2004/02/05 12:0 a.m.35 views

Check Point ISAKMP vulnerable to buffer overflow via Certificate Request

Overview A buffer overflow vulnerability exists in the Internet Security Association and Key Management Protocol ISAKMP implementation used in Check Point VPN-1, SecuRemote, and SecureClient products. An unauthenticated, remote attacker could execute arbitrary code with the privileges of the ISAK...

10CVSS7.7AI score0.07623EPSS
Exploits0References9
CERT
CERT
added 2004/02/05 12:0 a.m.35 views

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Overview Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. Description The HTTP Security Servers component of Check Point Firewall-1 contains an HTTP parsing vulnerability that is triggered by...

10CVSS7.3AI score0.09314EPSS
Exploits0References4
CERT
CERT
added 2004/02/03 12:0 a.m.35 views

Apache mod_rewrite vulnerable to buffer overflow via crafted regular expression

Overview A vulnerability in a supplementary module to the Apache HTTP server could allow an attacker to execute arbitrary code on an affected web server under certain circumstances. Description The Apache HTTP server distribution includes a number of supplemental modules that provide additional...

8.1AI score
Exploits0References9
CERT
CERT
added 2003/08/26 12:0 a.m.35 views

Microsoft Windows BR549.DLL ActiveX control contains vulnerability

Overview The Microsoft Windows BR549.DLL ActiveX control, which provides support for the Windows Reporting Tool, contains an unknown vulnerability. The impact of this vulnerability is not known. Description Microsoft Security Bulletin MS03-032 briefly describes a vulnerability in the BR549.DLL...

7.5CVSS7.8AI score0.30387EPSS
Exploits0References8
CERT
CERT
added 2003/08/18 12:0 a.m.35 views

IRISconsole allows login to the "iceadmin" account with incorrect password

Overview SGI IRIS console contains a vulnerability which may allow a local attacker to gain elevated privileges. Description SGI describes IRISconsole as a "central control point that manages and monitors servers and logs their activity." A vulnerability in IRISconsole may allow a local attacker ...

7.5CVSS6.7AI score0.0175EPSS
Exploits0References3
CERT
CERT
added 2003/06/10 12:0 a.m.35 views

Sun Java Runtime Environment allows untrusted applets to access information within trusted applets

Overview The Sun Java Runtime Environment JRE contains a vulnerability that may lead to sensitive information being leaked. Description Sun Microsystems describes the Sun JRE as follows:The Java RE provides the libraries, Java virtual machine, and other components necessary for you to run applets...

7.2AI score
Exploits0References7
CERT
CERT
added 2003/04/30 12:0 a.m.35 views

ScriptLogic sets insecure permissions on "LOGS$" share

Overview Version 4.01 of ScriptLogic contains a vulnerability in the default permissions assigned to the network share used for logging. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain...

7AI score
Exploits0References1
CERT
CERT
added 2003/03/20 12:0 a.m.35 views

TCP/IP implementations handle unusual flag combinations inconsistently

Overview Various vendors' TCP/IP implementations handle packets containing unusual flag combinations in different ways, which may lead to a violation of implicit or explicit security policies. Description Background on TCP/IP Connection Semantics To establish a TCP connection, a client and server...

7.5CVSS7.4AI score0.03742EPSS
Exploits1References9
CERT
CERT
added 2002/10/10 12:0 a.m.35 views

ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure

Overview A vulnerability in the ypxfrd daemon may allow a local attacker to read arbitrary files on the vulnerable system. Description Janusz Niewiadomski, of iSEC, discovered this vulnerability and produced the following advisory.Issue: ====== Improper arguments validation in ypxfrd may allow...

5CVSS6AI score0.02238EPSS
Exploits0References2
Total number of security vulnerabilities3704