3704 matches found
HP Online Support Services ActiveX DeleteSingleFile() arbitrary file deletion
Overview The HP Online Support Services ActiveX control contains a method called DeleteSingleFile. This may allow a remote, unauthenticated attacker to remove files from a vulnerable system. Description HP Services provides online product support services including HP Instant Support. The...
OpenSSL Server Name extension Denial of Service
Overview A vulnerability exists in OpenSSL that may allow a remote attacker to cause a denial of service. Description OpenSSL contains a vulnerability in the way server name extension data is handled that may result in a denial of service. According to OpenSSL Security Advisory 28-Mar-2008:If...
Foxit Reader buffer overflow vulnerability
Overview Foxit Reader contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Foxit Reader is a PDF reader that is available on multiple operating systems.From the Secuia Research advisory Foxit Reader "util.printf" Buffer Overflow: S ecunia...
Creative Software AutoUpdate Engine ActiveX stack buffer overflow
Overview The Creative Labs AutoUpdate Engine ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Creative Software AutoUpdate Engine ActiveX control is a component that provides...
X.Org PCF font parser buffer overflow
Overview A vulnerability in the X.Org server could allow a remote attacker to execute arbitrary code on an affected system. Description The X.Org project provides an open source implementation of the X Window System. The server supports bitmapped fonts in various formats, including Portable...
RealNetworks RealPlayer ActiveX controls property heap memory corruption
Overview Multiple RealPlayer ActiveX controls fail to properly handle properties, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer provides multiple ActiveX controls to allow integration with Internet Explorer...
Mozilla Thunderbird external-body MIME type buffer overflow
Overview Mozilla Thunderbird contains a heap-based buffer overflow which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Mozilla Thunderbird is an open source, cross-platform email and news client. Thunderbird uses Multipurpose Internet...
Microsoft Windows LSASS privilege escalation vulnerability
Overview The Windows LSASS service contains privilege escalation vulnerability. Description The Windows Local Security Authority Subsystem Service LSASS is a process that enforces the local security policy. Per Microsoft Security Bulletin MS08-002: An elevation of privilege vulnerability exists i...
RealNetworks player "Lyrics3" buffer overflow
Overview Multiple RealNetworks media players contain a buffer overflow which could allow a remote attacker to execute arbitrary code on an affected system. Description The RealNetworks RealPlayer and Helix Player applications allow users to view local and remote audio and video content. These...
Cisco IOS LPD buffer overflow vulnerability
Overview The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition . Description The Cisco IOS includes support for the UNIX Line Printer Daemon...
Microsoft Agent fails to properly handle specially crafted URLs
Overview Microsoft Agent fails to properly handle specially crafted URLs, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system Description Microsoft Agent is software that provides animated characters to enhance interaction with computer systems...
IBM and Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures
Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...
Flash Player information disclosure vulnerability
Overview The Adobe Flash player contains an information disclosure vulnerability that affects the Konqueror and Opera web browsers. Description Konqueror is the default web browser for the KDE desktop. Opera is a web browser that is available for Windows, Linux and BSD systems.The Adobe Flash...
Apple Safari cross-domain HTTP redirection race condition
Overview Apple Safari contains a race condition when handling HTTP redirection when updating pages. This can allow a cross-domain violation. Description Apple Safari contains a race condition when updating pages. When this race condition is used in combination with an HTTP redirection, Safari may...
Cerulean Studios Trillian Instant Messenger fails to properly handle "UTF-8" sequences
Overview A vulnerability in Cerulean Studios Trillian Instant Messenger client may lead to execution of arbitrary code. Description Cerulean Studios Trillian Instant Messenger client fails to properly handle specially crafted UTF-8 text. A heap overflow may occur when Trillian receives a messages...
Microsoft Windows Secure Channel integer underflow
Overview A vulnerability in Microsoft Windows Secure Channel security package may lead to execution of arbitrary code. Description Microsoft Windows Secure Channel Schannel security package implements standard network authentication protocols Secure Sockets Layer SSL and Transport Layer Security...
Microsoft Speech API ActiveX controls contain buffer overflows
Overview The Microsoft Speech API ActiveListen and ActiveVoice ActiveX controls contain multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Speech API is a software package that provides text-to-spee...
E-Book Systems FlipViewer ActiveX control stack buffer overflows
Overview The E-Book Systems FlipViewer ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description E-Book Systems FlipViewer is software for viewing "FlipBooks." FlipViewer includes an...
Takebishi Electric DeviceXPlorer OPC Server fails to properly validate OPC server handles
Overview The Takebishi Electric DeviceXPlorer OPC server contains a vulnerability that may allow a remote attacker to execute arbitary code or cause a denial-of-service. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the process control...
WordPress fails to properly sanitize input passed to the iz parameter in wp-includes/theme.php
Overview WordPress fails to properly sanitize input to the iz parameter in wp-includes/theme.php, which could allow a remote, unauthenticated attacker to execute arbitrary commands. Description WordPress is a blogging application that is written in PHP. WordPress 2.1.1 fails to properly sanitize...
Mozilla JavaScript Engine multiple memory corruption vulnerabilities
Overview Several vulnerabilities exists in the Mozilla JavaScript Engine that may allow a remote attacker to compromise a vulnerable system. Description The Mozilla JavaScript Engine contains multiple vulnerabilities that may result in memory corruption. According to the Mozilla Foundation Securi...
Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
Overview Web browsers running the Apple QuickTime plugin may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. Description Web browser plugins that allow remote web sites to reference...
Microsoft Excel fails to properly handle malformed IMDATA records
Overview A vulnerability in the way that Microsoft Excel handles malformed image records could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate the size of IMDATA records. When a file containing a malformed IMDATA record is...
Mozilla mail products vulnerable to heap buffer overflow via Content-Type headers
Overview Mozilla mail products contain a heap buffer overflow vulnerability in the way they process Content-Type headers. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Mozilla Thunderbird and SeaMonkey contain a buffer overflow...
Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available
Overview Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available. This vulnerability may allow traffic to be weakly encrypted. Description Secure Transport refers to Apple’s implementation of SSL and TLS that is used by Mac OS X to create secure connections...
Oracle MDSYS.SDO_LRS package vulnerable to PL/SQL injection
Overview The Oracle MDSYS.SDOLRS package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle MDSYS.SDOLRS package is vulnerable to PL/SQL injection...
Oracle DISABLE_HIERARCHY_INTERNAL procedure vulnerable to PL/SQL injection
Overview The Oracle DISABLEHIERARCHYINTERNAL procedure is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle DISABLEHIERARCHYINTERNAL procedure fails to...
Cisco IOS contains buffer overflow in VTP VLAN name handling
Overview Cisco IOS fails to properly handle specially crafted VTP summary advertisement with overly long VLAN name. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Cisco's VLAN Trunking Protocol VTP...
Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets
Overview Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets CSS. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description CSS is a mechanism for adding style to web documents. Microsoft Internet Explorer contains a vulnerabili...
Mozilla Firefox fails to properly handle the "XPCNativeWrapper(window).Function(...)"
Overview Certain Mozilla products contain a cross-site scripting vulnerability because of a vulnerability in the XPCNativeWrapper function. Description XPCNativeWrapper Per Mozilla, XPCNativeWrapper is a way to wrap up an object so that it is safe to access from privileged code. It is used to all...
Mozilla fails to properly release JavaScript references
Overview Mozilla products fail to properly release memory. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products fail to properly release JavaScript references. This may corrupt memory in a way that can allow an attacker to...
Mozilla contains a buffer overflow vulnerability in crypto.signText()
Overview Mozilla products contain a buffer overflow in the crypto.signText method. This may allow a remote attacker to execute arbitrary code. Description crypto.SignText JavaScript contains a crypto.signText method, which allows the user to digitally sign a text string. The problem The Mozilla...
Microsoft Internet Explorer fails to handle specially crafted, invalid HTML
Overview Microsoft Internet Explorer IE fails to properly handle malformed HTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description IE fails to properly handle specially crafted HTML. When a specially crafted, malformed HTML file is opened...
Microsoft Internet Explorer contains overflow in processing script action handlers
Overview A vulnerability in the Microsoft Internet Explorer web browser could allow a remote attacker to crash the browser or possibly execute arbitrary code on a vulnerable system. Description A programming error in the way that Internet Explorer handles multiple event handlers in an HTML elemen...
Adobe Macromedia Shockwave Player ActiveX installer buffer overflow vulnerability
Overview The ActiveX installer for Adobe Macromedia Shockwave contains a buffer overflow, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Shockwave Player Adobe Macromedia Shockwave Player is software that plays active web content...
Oracle Transparent Data Encryption master encryption key stored as plaintext
Overview Oracle Transparent Data Encryption master encryption key is stored as plaintext, which could allow an attacker to decrypt and read sensitive information within the database. Description Transparent Data Encryption TDE According to Oracle, Transparent Data Encryption "allows customers to...
Apple QuickTime fails to properly handle corrupt TGA images
Overview Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa TGA image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Several types of overflow...
Perl contains an integer sign error in format string processing
Overview The Perl interpreter contains a flaw that may increase the impact of format string vulnerabilities in programs written in Perl. Description Perl is a programming language used in many applications and commonly used for web applications. The Perl interpreter, which interprets and executes...
mod_ssl fails to properly enforce client certificates authentication
Overview modssl, the Apache web server module for Secure Socket Layer SSL communications, may not properly authenticate client certificates. Description modssl provides Secure Socket Layer SSL communications for the Apache web server. SSL is designed to provide the ability to encrypt and...
Apple Safari fails to perform security checks on links in rich text content
Overview Apple Safari fails to perform security checks on hyperlinks in rich text content, which may allow an attacker to execute arbitrary commands on a vulnerable system. Description Mac OS X includes the Safari web browser, which can display rich text RTF files directly. When Safari opens a ri...
Novell eDirectory iMonitor vulnerable to buffer overflow
Overview Novell eDirectory iMonitor contains a buffer overflow that can be remotely exploited to allow execution of arbitrary code or crash an affected system. Description Novell eDirectory iMonitor is a service for monitoring servers in an eDirectory installation. A buffer overflow exists in...
Computer Associates BrightStor ARCserve Backup Agents vulnerable to buffer overflow
Overview Several Computer Associates BrightStor ARCserve Backup Agents contain a buffer overflow, which may allow a remote attacker to execute arbitrary code. Description Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. Backup Agents are availabl...
Microsoft Color Management Module buffer overflow during profile tag validation
Overview Microsoft Color Management Module contains a flaw that may allow an attacker to execute arbitrary code. Description The Microsoft Color Management Module provides consistent color management operations between applications and devices, and transforms between colorspaces such as 'RGB' and...
Microsoft Outlook Express vulnerable to remote code execution
Overview A vulnerability in Microsoft Outlook Express's NNTP response parsing may allow an attacker to execute arbitrary code. Description Microsoft Outlook Express contains support for Network News Transfer Protocol NNTP data, which is defined in RFC 977 and RFC 2980. A flaw in Outlook Express'...
NotifyLink web client fails to adequately restrict access to administrative functions
Overview The NotifyLink web interface contains a vulnerability that allows authenticated normal users to access functions that have been disabled by an administrator. Description Notify Technology NotifyLink Enterprise Server allows users to synchronize e-mail between a PDA and a mail server. The...
OpenConnect Webconnect read-only directory traversal vulnerability in jretest.html
Overview OpenConnect Webconnect contains a read-only directory traversal vulnerability in the file jretest.html. Description OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1 running o...
SquirrelMail may allow execution of arbitrary code
Overview SquirrelMail 1.2.6 may allow remote execution of arbitrary code via URL manipulation. Description From the SquirrelMail webpage:SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render i...
Apple Mac OS X vulnerable to information disclosure in "Message-ID" header
Overview The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Description Mac OS X includes the Mail application for handling electronic mail. This application does include the Media Access Control MAC address of a...
Microsoft Internet Explorer vulnerable to address bar spoofing on double byte character set systems
Overview Microsoft Internet Explorer contains a vulnerability in how it processes URLs on Double Byte Character Set DBCS systems. This could allow an attacker to spoof the address of a web site. Description Microsoft Internet Explorer contains a canonicalization error when it parses special...
GdkPixbuf ICO parser contains an integer overflow vulnerability
Overview An integer overflow vulnerability exists in the ICO handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition. Description GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user...