Hewlett-Packard Virtual Vault OS (VVOS) contains vulnerability in mkacct program
Overview There is a vulnerability in the /sbin/mkacct program, part of Hewlett Packard's Virtual Vault Operating System (VVOS). Description Virtual Vault is an environment "designed for use in the financial services, telecommunications, manufacturing, and retail industries to provide services such ...
TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll
Overview A remotely exploitable buffer overflow exists in Trend Micro InterScan WebManager. Description InterScan WebManager is an application that inspects http traffic flowing into a network for known malicious code. This application also has the capability to restrict access to...
Curses library vulnerable to buffer overflow
Overview The curses library derived from System V contains a buffer overflow. A local user can execute a command that uses this library to exploit the vulnerability and gain elevated privileges. Description There is a buffer overflow in the curses library that could permit a local user to gain...
Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases
Overview FileMaker may expose data inadvertently. Description FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security. Impact Attackers can read information, including items such as...
MIT Kerberos 5 ksu may allow either the '-r' or '-l' time-interval parameter to overflow the stack with the characters 'd', 'h', 'm', or 's'
Overview Description From the reporter: Time-interval parsing for the "-r" and "-l" command-line options calls a library routine which uses sscanf"%d%d" and passes the address of an automatic int variable to correspond to the second %-sequence. But the % sequence needs an arbitrarily large string...
Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J
Overview A command injection vulnerability has been identified in the Wi-Fi Test Suite, a tool developed by the WiFi Alliance, which has been found deployed on Arcadyan routers. This flaw allows an unauthenticated local attacker to exploit the Wi-Fi Test Suite by sending specially crafted packets...
R Programming Language implementations are vulnerable to arbitrary code execution during deserialization of .rds and .rdx files
Overview A vulnerability in the R language that allows for arbitrary code to be executed directly after the deserialization of untrusted data has been discovered. This vulnerability can be exploited through RDS (R Data Serialization) format files and .rdx files. An attacker can create malicious RDS...
dotCMS contains multiple vulnerabilities
Overview The dotCMS administration panel is vulnerable to cross-site request forgery, and the "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal and arbitrary file upload. dotCMS versions 3.7.1 and earlier are affected. Description CWE-352: Cross-Site Request Forgery (CSRF)...
Lemur Vehicle Monitors BlueDriver LSB2 does not authenticate users for Bluetooth access
Overview The Lemur Vehicle Monitors BlueDriver is an aftermarket automotive device that connects to a vehicle's OBD-II port and provides information about the vehicle's performance. The BlueDriver does not require a PIN for Bluetooth access, which allows anyone in range to send arbitrary commands...
Impero Education Pro classroom management software vulnerable to remote code execution
Overview Impero Software Education Pro classroom management software is vulnerable to remote code execution via improper encryption and authentication mechanisms. Description CWE-321: Use of Hard-coded Cryptographic Key; CWE-329: Not Using a Random IV with CBC Mode - CVE-2015-5997 According to the...
Toshiba CHEC contains a hard-coded cryptographic key
Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875 Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...
Blue Coat SSL Visibility Appliance contains multiple vulnerabilities
Overview Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities. Description Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities. CWE-352: Cross-Site...
MicroPact iComplaints cross-site scripting vulnerability
Overview MicroPact iComplaints contains a persistent cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') MicroPact iComplaints contains a persistent cross-site scripting vulnerability. The AddStdLetter.jsp file...
Huawei E355 contains a stored cross-site scripting vulnerability
Overview The Huawei E355 built-in web interface contains a stored cross-site scripting vulnerability. Description Huawei E355 wireless broadband modems include a web interface for administration and additional services. The web interface allows users to receive SMS messages using the connected...
Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability
Overview Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2014-3289 Cisco AsyncOS, the underlying OS for the Cisco Email Security Appliance, Web Security Applianc...
Unauthorized modification of UEFI variables in UEFI systems
Overview Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead to bypass of security features and/or denial of service for the platform. Description As discussed in recen...
Adobe ColdFusion is vulnerable to cross-site scripting via the logviewer directory
Overview Adobe ColdFusion 10 update 11 and possibly earlier versions contain a reflected cross-site scripting (XSS) (CWE-79) vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Adobe ColdFusion 10 update 11 and possibly earlier version...
L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack
Overview L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack, resulting in information leakage, allowing a local attacker to derive the contents of memory not belonging to the attacker. Description Common L3 CPU shared cache architecture is susceptible to a...
Corporater EPM Suite is vulnerable to cross-site request forgery and cross-site scripting
Overview Corporater EPM Suite contains cross-site request forgery (CSRF) (CWE-352) and reflected cross-site scripting (XSS) (CWE-79) vulnerabilities. Description CWE-352: Cross-Site Request Forgery (CSRF) - CVE-2013-3583 Corporater EPM Suite contains a cross-site request forgery vulnerability on the...
CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent account vulnerability
Overview CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent accounts. Description According to CoSoSys's website, the Endpoint Protector 4 appliance is a DLP product used to prevent users from taking unauthorized data outside the company or bringing...
HP Business Service Management 9.12 remote code execution vulnerability
Overview The HP Business Service Management (HPBSM) application contains a remote code execution vulnerability. Version 9.12 has been reported to be affected but other versions may also be affected. Description HPBSM uses the JBOSS application server. In the default configuration, HPBSM contains op...
Apple Mac OS X ATS data-font memory corruption vulnerability
Overview Apple Mac OS X ATS contains a memory corruption vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Mac OS X ATS (Apple Type Services) fails to properly handle malformed data-font (.dfont) files, resulting in...
Microsoft Windows TrueType font array indexing vulnerability
Overview A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to cause a denial-of-service condition in Microsoft Windows. Description The Microsoft Windows kernel includes a driver (win32k.sys) that handles a variety of graphics processing tasks, includi...
Wireshark DECT dissector vulnerability
Overview Wireshark's DECT dissector contains a remote code execution vulnerability in the context of the user running a packet capture or reading a packet capture file. Description Paul Makowski's report states: /epan/dissectors/packet-dect.c contains a stack-based buffer overflow via a call to...
Foolabs Xpdf contains a denial of service vulnerability
Overview Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts. Description According to Foolabs: Xpdf is an open source viewer for Portable Document Format (PDF) files. These are sometimes also called 'Acrobat' files, from the name of...
Adobe Shockwave 11.5.9.615 contains multiple memory corruption vulnerabilities
Overview Adobe Shockwave Player 11.5.9.615 and earlier versions on the Windows and Macintosh operating systems contain critical vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Macromedia Shockwave Player is...
Panda Security ActiveScan fails to properly validate downloaded software
Overview Panda ActiveScan fails to properly validate downloaded software, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Panda ActiveScan is an online scanner that is reported to detect malware, vulnerabilities, and unknown threats...
Cyrus SASL library buffer overflow vulnerability
Overview The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or cause a vulnerable program to crash. Description SASL (Simple Authentication and Security Layer) is a method for adding authentication support to various protocols. SASL is...
Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control stack buffer overflow
Overview The Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Linksys WVC54GC wireless video camera provides an ActiveX control called...
Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows
Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...
Sun Java WebStart stack buffer overflow
Overview Sun Java WebStart contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Sun Java WebStart is a technology for launching stand-alone Java applications. On Microsoft Windows systems, Java WebStart ...
Yahoo! Music Jukebox Yahoo! MediaGrid ActiveX control stack buffer overflow
Overview The Yahoo! Music Jukebox Yahoo! MediaGrid ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Music Jukebox is a music player for Microsoft Windows, which includes multip...
Gesytec Easylon OPC Server fails to properly validate OPC server handles
Overview The Gesytec Easylon OPC Server contains a vulnerability that may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description OLE for Process Control (OPC) is a specification for a standard set of OLE COM objects used in the process control and...
Apple QuickTime buffer overflow vulnerability
Overview Apple QuickTime contains a stack buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute code. Description Apple QuickTime is a media player that includes a browser plugin. QuickTime can display PICT images. From Apple Article ID: 306896 "About the...
Mozilla products vulnerable to memory corruption in the JavaScript engine
Overview A number of vulnerabilities in the Mozilla JavaScript engine may allow the execution of arbitrary code or denial of service. Description The Mozilla JavaScript engine contains several vulnerabilities that may result in memory corruption. The impact of this memory corruption in specific...
Microsoft Windows Services for UNIX privilege escalation vulnerability
Overview Microsoft Windows Services for UNIX contains a vulnerability that may allow a local, authenticated attacker to gain elevated privileges. Description Windows Services for UNIX fails to properly handle setuid binary files. An attacker may be able to trigger this vulnerability by running a...
MIT Kerberos 5 kadmind privilege escalation vulnerability
Overview MIT Kerberos kadmind contains a privilege escalation vulnerability that may allow an authenticated attacker to execute code with root privileges. Description Kerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It ...
Microsoft Windows Vista Feed Headlines Gadget vulnerability
Overview The Windows Vista Feed Headlines gadget contains a vulnerability that may allow an attacker to execute code. Description From Microsoft Security Bulletin MS07-048: Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets simil...
Mozilla Firefox URI filtering vulnerability
Overview Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system. Description A Uniform Resource Identifier (URI) is a string of characte...
SAP DB Web Server buffer overflow vulnerability
Overview The SAP Web Server contains a vulnerability that may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Description SAP DB is a database server that includes a series of web-based configuration tools. A stack-based buffer overflow exists in the SAP DB web...
Novell NetWare NFS denial of service vulnerability
Overview The Novell NetWare NFS mount daemon contains a denial of service vulnerability. Description Network File System (NFS) is an ONC RPC based file and print sharing protocol. Novell NetWare includes support for the NFS protocol. From Novell Support Document 3008097: If an NFS client attempts a...
Apple WebCore XMLHttpRequest fails to properly serialize headers into an HTTP request
Overview Apple WebCore fails to properly serialize headers into an HTTP request, which can cause a cross-domain security violation. Description Apple WebCore is one of the components of the WebKit web browser engine that is used by Safari, Dashboard, Mail, and other applications. WebCore provides...
Apple Mac OS X iChat UPnP buffer overflow
Overview A vulnerability in the way Apple Mac OS X iChat handles specially crafted UPnP packets may allow execution of arbitrary code or denial of service. Description Apple iChat contains a vulnerability that could be exploited by an attacker on the local network when it attempts to handle...
McAfee ePolicy Orchestrator and ProtectionPilot ActiveX control buffer overflow vulnerability
Overview A vulnerability in an ActiveX control provided with the McAfee ePolicy Orchestrator and ProtectionPilot software could allow a remote attacker to execute arbitrary code on an affected system. Description The McAfee ePolicy Orchestrator and ProtectionPilot are applications that are design...
Apple QuickTime fails to properly process specially crafted MIDI files
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...
Microsoft Internet Explorer fails to properly interpret certain responses from FTP servers
Overview A vulnerability in the way Microsoft Internet Explorer handles responses from FTP servers may lead to execution of arbitrary code. Description Microsoft Internet Explorer contains an unspecified vulnerability that could be exploited when it attempts to interpret responses from FTP server...
Apple Mac OS X UserNotificationCenter privilege escalation vulnerability
Overview Apple's UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Description The Apple UserNotificationCenter contains a privilege escalation vulnerability. This vulnerability occurs because the Apple UserNotificationCenter runs with elevate...
Samba AFS ACL mapping VFS plug-in format string vulnerability
Overview Samba AFS ACL mapping VFS plug-in contains a format string vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Samba AFS ACL mapping VFS plug-in fails to properly sanitize user-controlled file names that are used in ...
Mozilla LiveConnect vulnerable to crash finalizing JS objects
Overview A vulnerability exists in the Mozilla LiveConnect that may allow a remote attacker to cause a denial of service. Description Mozilla LiveConnect, which allows communication between Java applets and web JavaScript, contains a vulnerability in the way freed objects are re-used that may...
Cisco Secure Access Control Server vulnerable to a stack-based buffer overflow via a specially crafted "HTTP GET" request
Overview A vulnerability in the web administrative server supplied with Cisco Secure ACS products could allow a remote attacker to execute arbitrary code on an affected system. Description Cisco Secure ACS is a Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access Contro...