Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2006/10/11 12:0 a.m.33 views

Microsoft Office fails to properly parse malformed chart records

Overview A vulnerability in the way Microsoft Office parses files containing malformed chart records may lead to execution of arbitrary code. Description Microsoft Office fails to properly handle malformed chart records. According to Microsoft Security Bulletin MS06-062:When Office opens a...

9.3CVSS7AI score0.36791EPSS
Exploits0References1
CERT
CERT
added 2006/09/27 12:0 a.m.33 views

Cisco IOS fails to properly verify the VTP configuration revision number

Overview Cisco IOS fails to properly verify the VTP configuration revision number. This vulnerability may allow a remote, unauthenticated attacker to prevent changes to the VLAN database from being properly propagated throughout the VTP domain. Description Cisco's VLAN Trunking Protocol VTP...

7.8CVSS6AI score0.04752EPSS
Exploits0References5
CERT
CERT
added 2006/09/19 12:0 a.m.33 views

gzip contains a buffer underflow

Overview The gzip program contains a buffer underflow vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files.A buffer underflow vulnerability exists in gzip. An...

7.5CVSS7AI score0.0551EPSS
Exploits1References2
CERT
CERT
added 2006/09/19 12:0 a.m.33 views

gzip contains an array out-of-bounds vulnerability in make_table()

Overview The gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition.. Description The gzip program is used to compress and decompress archived files.A stack modification vulnerability exists in gzip. A...

7.5CVSS6.8AI score0.05478EPSS
Exploits1References2
CERT
CERT
added 2006/09/07 12:0 a.m.33 views

Microsoft Word 2000 malformed record vulnerability

Overview Microsoft Word 2000 contains a memory corruption vulnerability. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running Word 2000. Description Microsoft Word 2000 fails to properly handle malformed records leadin...

9.3CVSS7.1AI score0.32762EPSS
Exploits0References4
CERT
CERT
added 2006/08/02 12:0 a.m.33 views

Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted GIF image

Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...

5.1CVSS7.7AI score0.02636EPSS
Exploits1References2
CERT
CERT
added 2006/06/28 12:0 a.m.33 views

Apple Mac OS X Open Directory server vulnerable to DoS via an invalid LDAP request

Overview Apple has reported a vulnerability in their version of OpenLDAP that is included in Apple Mac OS X and Mac OS X Server versions 10.4 to 10.4.6. If successfully exploited, this vulnerability would allow an attacker to create a denial-of-service condition. Description OpenLDAP is a popular...

5CVSS6.3AI score0.08042EPSS
Exploits1References3
CERT
CERT
added 2006/06/02 12:0 a.m.33 views

Mozilla contains a buffer overflow vulnerability in crypto.signText()

Overview Mozilla products contain a buffer overflow in the crypto.signText method. This may allow a remote attacker to execute arbitrary code. Description crypto.SignText JavaScript contains a crypto.signText method, which allows the user to digitally sign a text string. The problem The Mozilla...

5CVSS7AI score0.04907EPSS
Exploits0References5
CERT
CERT
added 2006/06/02 12:0 a.m.33 views

Mozilla may process content-defined setters on object prototypes with elevated privileges

Overview Mozilla allows content-defined setters on object prototypes to execute with elevated privileges. This may allow a remote attacker to execute arbitrary code. Description Setters A setter is a method in JavaScript that sets the value of a property. The problem The setters in Mozilla are...

7.5CVSS6.4AI score0.06243EPSS
Exploits0References4
CERT
CERT
added 2006/04/17 12:0 a.m.33 views

Mozilla JavaScript security bypass vulnerability

Overview Mozilla products fail to properly enforce security restrictions in JavaScript. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Mozilla Foundation Security Advisory 2006-28:The security check in jsValueToFunctionObject ca...

9.3CVSS7AI score0.06711EPSS
Exploits0References1
CERT
CERT
added 2006/03/29 12:0 a.m.33 views

Symantec VERITAS NetBackup Volume Manager daemon buffer overflow

Overview The Symantec VERITAS NetBackup Volume Manager daemon contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec VERITAS NetBackup Symantec VERITAS NetBackup is a client/server based backup software solution...

9CVSS7.4AI score0.07927EPSS
Exploits4References3
CERT
CERT
added 2006/02/15 12:0 a.m.33 views

IBM Lotus Notes ZIP file handling buffer overflow

Overview IBM Lotus Notes contains a buffer overflow when handling a ZIP file with a large file name. This could allow a remote attacker to execute arbitrary code on a vulnerable system. Description IBM Lotus Notes is an integrated client application that provides functionality including email,...

9.3CVSS7.4AI score0.07922EPSS
Exploits8References3
CERT
CERT
added 2006/01/10 12:0 a.m.33 views

Microsoft embedded web font buffer overflow

Overview A heap-based buffer overflow in the way Microsoft Windows processes embedded web fonts may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows contains a heap-based buffer overflow in a routine that processes embedded w...

9.3CVSS7.2AI score0.32189EPSS
Exploits0References2
CERT
CERT
added 2005/10/13 12:0 a.m.33 views

Microsoft Windows FTP client does not properly validate received file names

Overview An input validation error in the Microsoft Windows FTP Client may allow a remote attacker to write files to arbitrary locations and may allow the execution of arbitrary code. Description The Microsoft Windows FTP Client does not properly validate the names of received files. If a remote...

2.6CVSS7.1AI score0.1383EPSS
Exploits0References2
CERT
CERT
added 2005/07/13 12:0 a.m.33 views

WebEOC contains multiple SQL injection vulnerabilities

Overview WebEOC contains multiple SQL injection vulnerabilities that may allow attackers to execute sql queries, potentially viewing or modifying data, or executing database commands. Description WebEOC is a web-based crisis information management application that provides functions to gather,...

7.5CVSS7.3AI score0.01225EPSS
Exploits0References3
CERT
CERT
added 2005/07/06 12:0 a.m.33 views

Apple Web Kit-based browsers may allow remote access to local filesystem contents

Overview Web browsers based on AppleWebKit may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. Description Web browsers that allow remote web sites to reference content that resides...

5CVSS6AI score0.0182EPSS
Exploits1References8
CERT
CERT
added 2005/05/16 12:0 a.m.33 views

Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs

Overview Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Description The OS X Directory Services have three utilities chpass, chfn, and chsh to update information in the user database, such as user name,...

7.2CVSS7AI score0.00764EPSS
Exploits0References5
CERT
CERT
added 2005/04/12 12:0 a.m.33 views

Microsoft Word contains a buffer overflow vulnerability

Overview Microsoft Word contains a vulnerability that may result in the execution of code on the system with the privileges of the current user. Description Microsoft Word contains a vulnerability that may be exploited by opening a maliciously-crafted word document. Successful exploitation would...

10CVSS7.2AI score0.32659EPSS
Exploits0References1
CERT
CERT
added 2005/03/17 12:0 a.m.33 views

NotifyLink web client fails to adequately restrict access to administrative functions

Overview The NotifyLink web interface contains a vulnerability that allows authenticated normal users to access functions that have been disabled by an administrator. Description Notify Technology NotifyLink Enterprise Server allows users to synchronize e-mail between a PDA and a mail server. The...

4.6CVSS6.2AI score0.00658EPSS
Exploits0References3
CERT
CERT
added 2005/01/27 12:0 a.m.33 views

Apple Mac OS X vulnerable to buffer overflow in ColorSync ICC color profile handling

Overview Apple's Mac OS X operating system contains a flaw in the handling of ICC color profiles, which may allow arbitrary code execution through a heap-based buffer overflow. Description The Apple Mac OS X operating system contains support for ICC color profiles in the ColorSync component. This...

7.5CVSS7.7AI score0.03404EPSS
Exploits0References2
CERT
CERT
added 2005/01/25 12:0 a.m.33 views

BIND 8.4.4 and 8.4.5 vulnerable to buffer overflow in q_usedns

Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A buffer overflow err...

5CVSS7AI score0.11448EPSS
Exploits0References2
CERT
CERT
added 2004/12/17 12:0 a.m.33 views

Samba vulnerable to integer overflow processing file security descriptors

Overview Samba contains an integer overflow vulnerability in code that processes file security descriptors. This could allow an authenticated, remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description Samba is an open-source implementation of...

10CVSS7.8AI score0.13196EPSS
Exploits0References8
CERT
CERT
added 2004/12/07 12:0 a.m.33 views

XFree86 vulnerable to buffer overflow via error in 'ReadFontAlias()' function

Overview XFree86 contains a vulnerability in the parsing of the 'fonts.alias' file, which could be exploited by a local user to execute arbitrary code with elevated privileges. Description XFree86 contains a flaw during the processing of the 'fonts.alias' file. XFree86 is an implementation of the...

10CVSS7AI score0.24863EPSS
Exploits1References4
CERT
CERT
added 2004/10/13 12:0 a.m.33 views

Microsoft Windows kernel fails to reset values in CPU data structures

Overview A vulnerability in the Microsoft Windows kernel could allow an attacker to cause a denial-of-service condition. Description The Microsoft Windows kernel is responsible for handling processor resources and system services such as device and memory management. There is a vulnerability in t...

2.1CVSS5.9AI score0.01926EPSS
Exploits0References4
CERT
CERT
added 2004/10/01 12:0 a.m.33 views

GdkPixbuf ICO parser contains an integer overflow vulnerability

Overview An integer overflow vulnerability exists in the ICO handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition. Description GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user...

5CVSS7.3AI score0.05867EPSS
Exploits0References4
CERT
CERT
added 2004/08/24 12:0 a.m.33 views

Mac OS X Safari "Show in Finder" option may allow arbitrary file execution

Overview Mac OS X Safari "Show in Finder" option may automatically open and execute downloaded files. This could allow an attacker to execute arbitrary code. Description Safari is the default web browser for Mac OS X. Safari has a "Show in Finder" option to allow users to automatically reveal the...

10CVSS6.9AI score0.0484EPSS
Exploits0References2
CERT
CERT
added 2004/08/17 12:0 a.m.33 views

CVS "history" command may disclose sensitive information

Overview A vulnerability exists in the history command of Concurrent Versions System CVS. If exploited, this vulnerability could disclose sensitive information about files and directories on an affected system to a remote, authenticated CVS user. Description Concurrent Versions System CVS is a...

5CVSS6.2AI score0.024EPSS
Exploits0References3
CERT
CERT
added 2004/04/16 12:0 a.m.33 views

FTE fails to properly validate environment variables

Overview FTE contains a vulnerability in the processing of certain environment variables that could allow an attacker to execute arbitrary code. Description FTE is a text editor available for a variety of operating systems. There is a buffer overflow vulnerability in the way FTE performs bounds...

10CVSS7.1AI score0.0517EPSS
Exploits0References7
CERT
CERT
added 2004/03/30 12:0 a.m.33 views

Cisco 6000/6500/7600 series systems fail to properly process layer 2 frames

Overview Cisco 6000/6500/7600 series systems with Multilayer Switch Feature Card 2 MSFC2 fail to properly process layer 2 frames. Description Cisco 6000/6500/7600 series systems with MSFC2 contain a vulnerability in the way layer 2 frames are processed in software. By sending a specially crafted...

4.7CVSS6.1AI score0.01101EPSS
Exploits0References9
CERT
CERT
added 2004/01/21 12:0 a.m.33 views

Microsoft Exchange Server 2003 fails to assign user credentials to proper mailbox

Overview A flaw in the authentication mechanism that Microsoft Exchange Server 2003 uses for Outlook Web Access users in some configurations could expose another user's mailbox. Description Outlook Web Access OWA is a feature of Microsoft Exchange Server 2003. By using OWA, a server that is runni...

6CVSS6.1AI score0.08162EPSS
Exploits0References3
CERT
CERT
added 2004/01/19 12:0 a.m.33 views

Microsoft Data Access Components (MDAC) contains buffer overflow

Overview Microsoft Data Access Components MDAC contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code or cause a denial of service. Description From Microsoft Security Bulletin MS04-003:Microsoft Data Access Components MDAC is a collection of...

10CVSS8AI score0.37494EPSS
Exploits0References8
CERT
CERT
added 2004/01/19 12:0 a.m.33 views

OpenCA libCheckSignature function fails to properly verify the signature of certificates

Overview OpenCA may accept a signature from a certificate if the certificate's chain is trusted by the chain directory of OpenCA. Description The OpenCA PKI Development Project is a Certification Authority. A vulnerability exists in the way the libCheckSignature function compares the certificate ...

7.5CVSS6AI score0.0209EPSS
Exploits0References3
CERT
CERT
added 2004/01/16 12:0 a.m.33 views

tcpdump contains vulnerability in RADIUS decoding function print_attr_string() in print-radius.c

Overview tcpdump contains a vulnerability in the way it parses Remote Authentication Dial In User Service RADIUS packets. Description tcpdump is a widely used network sniffer that is capable of decoding RADIUS packets. A vulnerability exists in the way the tcpdump printattrstring function in...

5CVSS7.6AI score0.03629EPSS
Exploits1References7
CERT
CERT
added 2003/11/04 12:0 a.m.33 views

Multiple vulnerabilities in S/MIME implementations

Overview Multiple vulnerabilities exist in different vendors' S/MIME Secure/Multipurpose Internet Mail Extensions implementations. The impacts of these vulnerabilities are varied and range from denial of service to potential remote execution of arbitrary code. Description The U.K. National...

5CVSS9.3AI score0.07643EPSS
Exploits0References3
CERT
CERT
added 2003/08/19 12:0 a.m.33 views

HP-UX "passwd" utility may corrupt password file

Overview The HP-UX "passwd" utility contains a denial-of-service vulnerability. Description The HP-UX "passwd" utility is used to make changes to a user's authentication credentials. A vulnerability in "passwd" may allow a local attacker to corrupt the password file. --- Impact An attacker may be...

2.1CVSS6.6AI score0.00627EPSS
Exploits0References2
CERT
CERT
added 2003/06/23 12:0 a.m.33 views

Cisco VPN 3000 Concentrator may allow access to internal hosts when IPsec over TCP is enabled

Overview A vulnerability in some Cisco Virtual Private Network VPN products could allow a remote attacker to access systems that should not be accessible. Description The Cisco VPN 3000 Series Concentrators and the Cisco VPN 3002 Hardware Clients are Virtual Private Network VPN platforms designed...

7.5CVSS6.8AI score0.02158EPSS
Exploits0References2
CERT
CERT
added 2003/06/04 12:0 a.m.33 views

Mac OS X LDAP plugins transmit user credentials in clear text

Overview Versions 10.2 and later of Apple's MacOS X operating system include support for the Lightweight Directory Access Protocol LDAP. A vulnerability in the way some of these versions of MacOS X handle authentication in certain environments could expose user's passwords in plaintext as they're...

7.5CVSS6.2AI score0.01433EPSS
Exploits1References3
CERT
CERT
added 2003/04/30 12:0 a.m.33 views

ScriptLogic RunAdmin service can allow users to gain administrative access

Overview There is a vulnerability in version 4.01 of ScriptLogic that may allow local or domain users to gain administrative access to workstations running the ScriptLogic RunAdmin service. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabiliti...

8.1AI score
Exploits0References1
CERT
CERT
added 2003/04/17 12:0 a.m.33 views

Buffer Overflow in mod_ssl

Overview A buffer overflow exists in modssl. Description modssl is an Apache module that allows secure connections over X.509 authenticated channels. A buffer overflow exists in the sslcompatdirective function. For more detailed information, please see the original vulnerability report. --- Impac...

7.8CVSS7.8AI score0.011EPSS
Exploits0References4
CERT
CERT
added 2003/04/02 12:0 a.m.33 views

IBM AIX "secldapclntd" daemon authentication vulnerability

Overview A vulnerability in the secldapclntd daemon in IBM's AIX operating system could allow unauthorized remote users to modify accounts on the system. Description According to the IBM bulletin for this issue:"The secldapclntd daemon accepts requests from the LDAP load module, forwards requests...

7.5CVSS6.3AI score0.02132EPSS
Exploits0References4
CERT
CERT
added 2003/03/11 12:0 a.m.33 views

The ISS RealSecure Network Sensor fails to properly process certain types of DHCP traffic.

Overview ISS RealSecure Network Sensor "informational signatures" fail to properly process certain types of DHCP traffic, thereby causing the sensor to crash. Description The ISS RealSecure Network Sensor fails to properly process certain types of DHCP traffic. If the sensor processes certain typ...

5CVSS6.1AI score0.02468EPSS
Exploits0References3
CERT
CERT
added 2003/02/12 12:0 a.m.33 views

Apache allows arbitrary code execution via crafted POST request containing MS-DOS device name

Overview Due to a flaw in the Apache web server's handling of MS-DOS device names, an attacker may be able to remotely execute code on systems running the Apache web server under some versions of Microsoft Windows. Description The Apache HTTP server fails to filter POST requests for MS-DOS style...

7.5CVSS6.8AI score0.15471EPSS
Exploits0References1
CERT
CERT
added 2003/01/21 12:0 a.m.33 views

Microsoft Virtual Machine incorrectly parses the domain portion of URLs containing a colon

Overview Some versions of the Microsoft virtual machine Microsoft VM contain a flaw that could allow untrusted Java applets from an attacker's site to be run instead of the trusted applet from the intended site. Description The Microsoft virtual machine Microsoft VM enables Java programs to run o...

7.5CVSS6AI score0.20503EPSS
Exploits0References2
CERT
CERT
added 2003/01/13 12:0 a.m.33 views

Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters

Overview A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10. Description A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containin...

8AI score
Exploits0References2
CERT
CERT
added 2002/12/10 12:0 a.m.33 views

wget contains directory traversal vulnerability

Overview The wget utility contains directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the server provides the requested...

5CVSS6AI score0.04249EPSS
Exploits0References1
CERT
CERT
added 2002/10/01 12:0 a.m.33 views

Microsoft Windows XMLHTTP component allows remote access to local data sources

Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...

5CVSS5.5AI score0.19175EPSS
Exploits0References5
CERT
CERT
added 2002/09/27 12:0 a.m.33 views

Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution

Overview Alchemy Eye does not properly validate HTTP requests, allowing arbitrary command execution. Description Alchemy Eye includes an HTTP server for remote system monitoring and control. In versions 2.0 through 2.6 of Alchemy Eye, the HTTP server component does not adequately validate HTTP...

7.5CVSS7.3AI score0.02966EPSS
Exploits0References4
CERT
CERT
added 2002/09/26 12:0 a.m.33 views

DansGuardian content filtering proxy fails to adequately validate user input thereby allowing user to access restricted site via hex encoded URLs

Overview DansGuardian does not properly filter Description DansGuardian is an HTTP proxy server based on Squid and enhanced to filter web content. DansGuardian does not properly process URLs that contain certain unspecified hexadecimal encodings, resulting in incomplete filtering of HTTP response...

7.1AI score
Exploits0References1
CERT
CERT
added 2002/08/28 12:0 a.m.33 views

Sun Solaris ptexec does not adequately validate argument passed via -o option

Overview The Sun Solaris ptexec command is subject to a buffer overflow due to not adequately validating arguments passed via the -o option. Description A locally exploitable buffer overflow exists in the ptexec command which is included in the SUNWvts package. This package is not included in the...

7.2CVSS7.6AI score0.01009EPSS
Exploits1References3
CERT
CERT
added 2002/08/20 12:0 a.m.33 views

FreeBSD privilege elevation vulnerability

Overview A locally exploitable privilege elevation vulnerability exists in FreeBSD. Description A locally exploitable privilege elevation vulnerability exists in FreeBSD. For more information, please see the Pine Internet Security Advisory. --- Impact A local user can gain root privileges. ---...

7.2CVSS5.9AI score0.01552EPSS
Exploits1References5
Total number of security vulnerabilities3704