Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
•added 2006/07/11 12:0 a.m.•32 views

Microsoft Office fails to properly handle PNG images

Overview Microsoft Office applications fail to properly handle PNG images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse PNG images. When an Office document containing a malformed P...

9.3CVSS7.1AI score0.15226EPSS
Exploits0References1
CERT
CERT
•added 2006/06/27 12:0 a.m.•32 views

Gracenote CDDB ActiveX control buffer overflow

Overview The Gracenote CDDB ActiveX control contains a buffer overflow vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description CDDB CDDB CD Data Base is an internet database provided by Gracenote. CDDB contains track lists and other informati...

9.3CVSS7.3AI score0.1096EPSS
Exploits0References13
CERT
CERT
•added 2006/06/16 12:0 a.m.•32 views

Microsoft Excel vulnerability

Overview An unspecified vulnerability in Microsoft Excel could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains a vulnerability that could be exploited when Excel opens a specially crafted document. It is possible that the vulnerability can ...

9.3CVSS7.4AI score0.41113EPSS
Exploits0References8
CERT
CERT
•added 2006/05/18 12:0 a.m.•32 views

WeOnlyDo! Software wodSSHServer ActiveX component fails to properly validate key exchange algorithm strings

Overview The WeOnlyDo! Software wodSSHServer ActiveX component fails to properly validate the length of key exchange algorithm strings. This may allow a remote, unauthenticated attacker to execute arbitrary code. Description wodSSHServerActiveX component According to the wodSSHServer ActiveX...

7.5CVSS7.1AI score0.71375EPSS
Exploits11References5
CERT
CERT
•added 2006/04/17 12:0 a.m.•32 views

Mozilla products vulnerable to memory corruption via a particular sequence of HTML tags

Overview A vulnerability in the way Mozilla products and derivative programs handle certain HTML tags could allow a remote attacker to execute arbitrary code on a vulnerable system. Description A vulnerability has been discovered in the way that Mozilla and derived programs handle certain HTML...

9.3CVSS6.8AI score0.10487EPSS
Exploits0References3
CERT
CERT
•added 2006/04/11 12:0 a.m.•32 views

Microsoft Internet Explorer may automatically execute HTA files

Overview Microsoft Internet Explorer IE fails to properly handle HTA files. This vulnerability may allow a remote attacker to execute arbitrary code. Description HTML Application HTA HTML Applications HTAs are HTML documents that are executed as trusted applications. HTAs can run script, Java, or...

7.5CVSS6.7AI score0.5512EPSS
Exploits0References4
CERT
CERT
•added 2006/01/31 12:0 a.m.•32 views

Winamp fails to properly handle playlists with long "file" parameter

Overview Winamp contains a buffer overflow vulnerability when processing a playlist that has a long file parameter. This may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Winamp Winamp is a media player for Microsoft Windows systems. It can...

7.6CVSS7AI score0.74506EPSS
Exploits8References9
CERT
CERT
•added 2006/01/16 12:0 a.m.•32 views

Clam AntiVirus vulnerable to memory corruption via specially crafted UPX packed file

Overview A vulnerability in the ClamAV antivirus toolkit may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Clam AntiVirus is an antivirus toolkit for Unix-like systems that is commonly integrated with mail servers for email attachment scanning. It supports ...

7.5CVSS7AI score0.10094EPSS
Exploits0References5
CERT
CERT
•added 2005/12/31 12:0 a.m.•32 views

Research in Motion (RIM) BlackBerry Handheld web browser does not properly handle Java Application Description (JAD) files

Overview The Research in Motion RIM BlackBerry Handheld web browser is vulnerable to a denial of service via a specially crafted Java Application Description JAD file. Description The BlackBerry Handheld web browser does not properly handle malformed JAD files. JAD files in J2ME are used to...

2.6CVSS6.8AI score0.02582EPSS
Exploits0References3
CERT
CERT
•added 2005/10/26 12:0 a.m.•32 views

Skype VCARD handling routine contains a buffer overflow

Overview A buffer overflow in the way Skype handles imported VCARDs may allow a remote attacker to execute code on a vulnerable system. Description Skype software provides telephone service over IP networks. Skype fails to properly validate imported VCARDs, allowing a buffer overflow to occur. Th...

9.3CVSS7.5AI score0.0587EPSS
Exploits0References3
CERT
CERT
•added 2005/10/21 12:0 a.m.•32 views

Oracle HTTP Server vulnerability

Overview An unspecified vulnerability in Oracle's HTTP Server Apache may allow a remote, unauthenticated attacker to compromise system confidentiality, integrity, and availability. Description Oracle Application Server and Database Server includes Apache as an HTTP server. There is an vulnerabili...

6.6AI score
Exploits0References3
CERT
CERT
•added 2005/10/11 12:0 a.m.•32 views

Microsoft Windows Shell fails to handle shortcut files properly

Overview Microsoft Windows Shell does not properly handle some shortcut files and may permit arbitrary code execution when a specially-crafted file is opened. Description Microsoft Windows supports files that point to another file, called "shortcut" files. These files have the .lnk extension, and...

10CVSS7.2AI score0.42749EPSS
Exploits0References1
CERT
CERT
•added 2005/08/04 12:0 a.m.•32 views

Computer Associates BrightStor ARCserve Backup Discovery Service SERVICEPC vulnerable to buffer overflow

Overview The Computer Associates BrightStor ARCserve Backup Discovery Service contains a buffer overflow, which may allow a remote attacker to execute arbitrary code. Description Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. The ARCserve Backu...

8.5AI score
Exploits0References5
CERT
CERT
•added 2005/07/13 12:0 a.m.•32 views

MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function

Overview An unauthenticated attacker can cause krb5recvauth function to free a block of memory twice, possibly leading to arbitrary code execution. Description Kerberos is a network authentication system that uses a trusted third party a KDC to authenticate clients and servers to each other. It i...

9.8CVSS9.9AI score0.11012EPSS
Exploits0References1
CERT
CERT
•added 2005/06/24 12:0 a.m.•32 views

VERITAS Backup Exec remote registry access validation vulnerability

Overview VERITAS Backup Exec contains a remote registry access validation vulnerability. Description VERITAS Backup Exec is a data backup and recovery solution with support for over the network backup.An access validation vulnerability in Backup Exec for Windows allows remote attackers to access...

10CVSS6.9AI score0.54155EPSS
Exploits2References7
CERT
CERT
•added 2005/06/08 12:0 a.m.•32 views

Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes

Overview Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes. This may allow a remote, unauthenticated attacker to access the private network. Description Easy VPN Server Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...

7.5CVSS6.6AI score0.01444EPSS
Exploits0References8
CERT
CERT
•added 2005/05/10 12:0 a.m.•33 views

Mozilla fails to properly prevent "JavaScript:" URIs containing "eval()" from being executed in the context of other URIs in the history list

Overview Mozilla fails to properly restrict the execution of javascript: URIs. The impact is similar to that of a cross-site scripting vulnerability, which allows an attacker to access data in other sites. Description Mozilla uses a same origin security model to maintain separation between browse...

5.1CVSS5.7AI score0.16697EPSS
Exploits1References16
CERT
CERT
•added 2005/05/09 12:0 a.m.•32 views

Apple Cocoa applications vulnerable to denial of service via malformed TIFF image

Overview Apple Mac OS X applications using the Cocoa environment may quit due to an unhandled exception in TIFF image handling routines. Description Mac OS X applications may take advantage of the Cocoa programming environment, which is described by Apple as "an object-oriented application...

4.9CVSS6.1AI score0.00351EPSS
Exploits0References2
CERT
CERT
•added 2005/02/21 12:0 a.m.•32 views

WinAmp contains a flaw in metadata handling in .mpa and .mp4 files

Overview WinAmp contains a flaw which may allow an attacker to crash WinAmp remotely via .mpa or .mp4 files. Description Nullsoft's WinAmp Player, a popular multimedia system for Microsoft Windows, contains a flaw in the handling of the metadata called "tags" contained within .mpa and .mp4 files...

7AI score
Exploits0References2
CERT
CERT
•added 2005/02/09 12:0 a.m.•32 views

SquirrelMail vulnerable to command injection because of flawed input checking in S/MIME plug-in

Overview SquirrelMail contains a flaw in its S/MIME plug-in certificate handling routines which may allow arbitrary code to be remotely executed. Description From the SquirrelMail web page:SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for...

7.5CVSS7.2AI score0.04212EPSS
Exploits0References2
CERT
CERT
•added 2005/02/09 12:0 a.m.•32 views

Microsoft DHTML Drag-and-Drop events insufficiently validated

Overview Microsoft DHTML Drag-and-Drop events can manipulate windows to copy objects from one domain to another, including the Local Machine Zone. This vulnerability could allow an attacker to write arbitrary files to the local file system. Description Microsoft Drag-and-Drop events do not proper...

7.5CVSS6.4AI score0.6349EPSS
Exploits1References6
CERT
CERT
•added 2005/01/14 12:0 a.m.•32 views

Apple iTunes fails to properly handle overly long URLs in playlists

Overview A buffer overflow vulnerability in iTunes could allow a remote attacker to execute arbitrary code. Description Apple iTunes is a digital media player available for the Microsoft Windows and Mac OS X operating systems. It supports a variety of playlist formats including .m3u and .pls. A...

7.5CVSS7.5AI score0.69005EPSS
Exploits4References3
CERT
CERT
•added 2004/12/01 12:0 a.m.•32 views

LibTIFF vulnerable to denial-of-service condition

Overview An Integer overflow in the LibTIFF library may allow a remote attacker to cause a divide-by-zero error that results in a denial-of-service condition. Description LibTIFF is a library used to encode and decode images in Tag Image File Format TIFF format. An integer overflow in the...

9.5AI score
Exploits0References5
CERT
CERT
•added 2004/11/23 12:0 a.m.•32 views

Sun Java Plug-in fails to restrict access to private Java packages

Overview There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Description The Java Plug-in is part of the Java 2 Runtime Environment JRE and establishes a framework for displaying Java applets within a web browser...

9.3CVSS5.7AI score0.17018EPSS
Exploits0References9
CERT
CERT
•added 2004/10/08 12:0 a.m.•32 views

FreeBSD syscons fails to properly validate input in "CONS_SCRSHOT" ioctl

Overview The FreeBSD syscons CONSSCRSHOT ioctl does not sufficiently validate input for the function's arguments. This may cause the disclosure of arbitrary portions of kernel memory that may contain sensitive information. Description Syscons is the default console driver for FreeBSD. It provides...

4.6CVSS6AI score0.00422EPSS
Exploits0References5
CERT
CERT
•added 2004/10/01 12:0 a.m.•32 views

The zlib compression library is vulnerable to a denial-of-service condition

Overview Un-handled error conditions in the zlib compression library may allow an attacker to cause a denial-of-service condition. Description There is a vulnerability in the error handling mechanisms of the decompression functions in the zlib compression library. The decompression functions...

2.1CVSS7.5AI score0.00476EPSS
Exploits0References4
CERT
CERT
•added 2004/09/15 12:0 a.m.•32 views

Microsoft Office WordPerfect 5.x Converter contains a buffer overflow vulnerability

Overview A buffer overflow vulnerability in the Microsoft Office WordPerfect 5.x Converter could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Office WordPerfect 5.x Converter allows users to convert documents in WordPerfect format to Microsof...

7.5CVSS7.6AI score0.42337EPSS
Exploits0References7
CERT
CERT
•added 2004/09/10 12:0 a.m.•32 views

Microsoft Internet Explorer window.createPopup() method creates chromeless windows

Overview The Internet Explorer IE window.createPopup method creates chromeless popup windows. These windows can be used to spoof the user interface in Internet Explorer, any Windows application, or the Windows desktop. Description The visible area of a web browser window can be categorized into t...

5CVSS6.2AI score0.50549EPSS
Exploits1References8
CERT
CERT
•added 2004/08/11 12:0 a.m.•32 views

Microsoft Outlook Web Access contains vulnerability in HTML redirection query

Overview A cross-site scripting vulnerability in Microsoft Exchange 5.5 Outlook Web Access OWA could allow an attacker to execute arbitrary scripting code in the victim's browser. Description Outlook Web Access OWA is a component of Microsoft Exchange. By using OWA, a server that is running...

4.3CVSS5.9AI score0.20982EPSS
Exploits0References5
CERT
CERT
•added 2004/05/13 12:0 a.m.•32 views

Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records

Overview There is a buffer overflow vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symantec offers a...

10CVSS7.9AI score0.12798EPSS
Exploits0References3
CERT
CERT
•added 2004/03/23 12:0 a.m.•32 views

HP-UX CDE library libDtSvc contains unspecified buffer overflow

Overview CDE, the default X Windows environment in HP-UX, ships with a libraray called libDtSvc. It has a locally-exploitable buffer overflow in some versions. Description Please see HP Security Bulletin HPSBUX0401-308 SSRT3492 for more details. --- Impact A local user may be able to gain...

7.2CVSS7.1AI score0.00626EPSS
Exploits0References4
CERT
CERT
•added 2004/03/10 12:0 a.m.•32 views

Microsoft MSN Messenger fails to properly validate file requests

Overview Microsoft MSN Messenger fails to properly validate file requests which could allow an attacker to view the contents of files on the victim's system. Description Microsoft MSN Messenger is an instant messaging application that allows users to collaborate with friends using text messages,...

5CVSS7.2AI score0.22467EPSS
Exploits0References3
CERT
CERT
•added 2004/02/27 12:0 a.m.•32 views

Oracle9i Database contains buffer overflow in NUMTODSINTERVAL() function

Overview Oracle9i Database contains a buffer overflow in the NUMTODSINTERVAL function which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description A buffer overflow exists in the NUMTODSINTERVAL function. Thi...

7.9AI score
Exploits0References3
CERT
CERT
•added 2003/11/11 12:0 a.m.•32 views

Microsoft Windows Workstation service vulnerable to buffer overflow when sent specially crafted network message

Overview A remotely exploitable vulnerability affects Microsoft Windows Systems. Exploitation of this vulnerability could permit the execution of arbitrary code on the system with elevated privileges. The exploit vector for this vulnerability is highly conducive to a worm or other automated...

7.5CVSS7.4AI score0.83265EPSS
Exploits6References2
CERT
CERT
•added 2003/08/29 12:0 a.m.•32 views

RealNetworks media server RTSP protocol parser buffer overflow

Overview RealNetworks Helix Universal Server 9 media servers contain a buffer overflow in a RTSP protocol parser. Earlier versions of their media servers are also affected: RealSystem Server 7, 8, and RealServer G2. Description RealNetworks Helix Universal Server 9 media server is software which...

8.4AI score
Exploits0References2
CERT
CERT
•added 2003/06/12 12:0 a.m.•32 views

IBM AIX vulnerable to DoS

Overview A denial-of-service vulnerability in AIX may allow a remote attacker to consume 100% of the CPU. Description AIX is a UNIX operating system distributed by IBM. A vulnerability in AIX 4.3.3 may allow a remote attacker to cause a denial of service. For more information, please see IBM APAR...

5CVSS6.3AI score0.02099EPSS
Exploits0References4
CERT
CERT
•added 2003/04/04 12:0 a.m.•32 views

Entrust Authority Security Manager (EASM) does not enforce multiple authorization requirement for master user password change

Overview Entrust Authority Security Manager contains a vulnerability that could allow a master user to change the password of another master user. A master user could exploit this vulnerability to perform operations that otherwise require authorization by multiple master users. Description Entrus...

2.1CVSS6.2AI score0.05263EPSS
Exploits0References3
CERT
CERT
•added 2003/03/21 12:0 a.m.•32 views

HP Tru64 UNIX "su" command vulnerable to buffer overflow

Overview The Hewlett Packard Tru64 "su" command contains a locally exploitable buffer overflow. An exploit for this vulnerability is known to exist and may be circulating. Description The Hewlett Packard Tru64 operating system contains a command, known as "su," that allows users to assume the...

7.2CVSS6.4AI score0.00441EPSS
Exploits0References2
CERT
CERT
•added 2003/03/03 12:0 a.m.•32 views

Buffer overflow in Snort RPC preprocessor

Overview There is a buffer overflow vulnerability in the RPC preprocessing feature of Snort versions 1.8 through 1.9.0 and 2.0 beta. Description Martin Roesch, the primary Snort developer, described the vulnerability by saying:When the RPC decoder normalizes fragmented RPC records, it incorrectly...

7.8AI score
Exploits0References4
CERT
CERT
•added 2003/02/04 12:0 a.m.•32 views

ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received

Overview A vulnerability in the Internet Software Consortium's "dhcrelay" makes it possible for a remote attacker to use dhcrelay to launch a denial-of-service attack against a victim dhcp server. Description The Internet Software Consortium ISC produces a "freely redistributable reference...

5CVSS6.6AI score0.07955EPSS
Exploits0References5
CERT
CERT
•added 2003/01/23 12:0 a.m.•32 views

Microsoft Locator service contains buffer overflow

Overview A remotely exploitable buffer overflow exists in the Microsoft Locator service. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Locator service "maps logical names to network-specific names". Quoting from...

7.5CVSS7.5AI score0.4545EPSS
Exploits1References3
CERT
CERT
•added 2003/01/22 12:0 a.m.•32 views

Sun KCMS library service daemon does not adequately validate location of KCMS profiles

Overview The Sun KCMS library service daemon, kcmsserver, does not adequately validate the location of KCMS profile files. This could allow a remote attacker to read arbitrary files on a vulnerable system. Description Sun Solaris contains support for the Kodak Color Management System KCMS, an...

5CVSS6.4AI score0.25724EPSS
Exploits2References4
CERT
CERT
•added 2002/10/01 12:0 a.m.•32 views

SetupCtl 1.0 Type Library contains a buffer overflow

Overview SetupCtl 1.0 Type Library is a safe-for-scripting ActiveX control that contains a remotely exploitable buffer overflow. This control ships with Microsoft Internet Explorer 4.01 and 5. Description SetupCtl 1.0 Type Library is a safe-for-scripting ActiveX control that contains a remotely...

10CVSS7AI score0.24429EPSS
Exploits0References2
CERT
CERT
•added 2002/09/26 12:0 a.m.•32 views

WebCalendar does not adequately validate user input

Overview WebCalendar does not properly validate user input, allowing attackers to execute arbitrary commands. Description WebCalendar is a free PHP application providing web calendar services for user groups. WebCalendar contains an unspecified input validation vulnerability, allowing arbitrary...

7.5CVSS7.5AI score0.04043EPSS
Exploits0References1
CERT
CERT
•added 2002/09/26 12:0 a.m.•32 views

zml.cgi does not adequately validate user input thereby allowing directory traversal

Overview zml.cgi does not adequately validate user input, allowing for directory traversal out of the web root directory. Description The perl script zml.cgi reads and parses a file on the server, executing certain Server Side Include SSI directives found in the file. The script accepts a CGI...

5CVSS6AI score0.08037EPSS
Exploits1References2
CERT
CERT
•added 2002/08/16 12:0 a.m.•32 views

Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_printstatements" extended procedure

Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpprintstatements , that permits an unprivileged user of a database to gain administrative...

10CVSS6.6AI score0.46307EPSS
Exploits0References2
CERT
CERT
•added 2002/08/05 12:0 a.m.•32 views

Talentsoft Web+ contains buffer overflow in "webpsvc.exe"

Overview Talentsoft's Web+ development platform contains a buffer overflow in a component that also installs by default into all web sites produced by Web+. Description Talentsoft Web+ is a set of tools for accelerated web site development. A component of Web+ named "webpsvc.exe" contains a buffe...

10CVSS7.4AI score0.08961EPSS
Exploits0References2
CERT
CERT
•added 2002/07/25 12:0 a.m.•32 views

Microsoft SQL Server contains SQL injection vulnerability in replication stored procedures

Overview Microsoft SQL Server contains multiple SQL injection vulnerabilities that allow database users to leverage administrative privileges on a single database to execute SQL queries or operating system commands with greater privileges. Description Microsoft SQL Server provides a scripting...

7.5CVSS9.6AI score0.0337EPSS
Exploits0References4
CERT
CERT
•added 2002/06/13 12:0 a.m.•32 views

Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries

Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...

4.6CVSS7.5AI score0.05525EPSS
Exploits0References4
CERT
CERT
•added 2002/06/13 12:0 a.m.•32 views

Chunked encoding post can consume excessive memory on IIS 4.0 webserver

Overview Microsoft IIS 4.0, circa March 2000, contained a vulnerability that allowed an intruder to consume unlimited memory on a vulnerable server. Description Older versions of IIS 4.0, circa March 2000, contained a vulnerability in the chunked-encoding transfer mechanism that permitted an...

5CVSS6.5AI score0.06808EPSS
Exploits0References5
Total number of security vulnerabilities3704