3704 matches found
Vanilla Forums version 2.1.a26 contains a parameter manipulation vulnerability
Overview Vanilla Forums version 2.1.a26 and possibly other versions is vulnerable to parameter manipulation via the "edit profile" page of authenticated users. Description CWE-280: Improper Handling of Insufficient Permissions or PrivilegesVanilla Forums version 2.1.a26 and possibly other version...
Axigen Mail Server directory traversal vulnerability
Overview Axigen Mail Server contains a directory traversal vulnerability. Description CWE-22: Improper Limitation of a Pathname to a Restricted DirectoryAxigen Mail Server has a web based administration site which allows authorized administrators to perform certain actions via HTTP. The 'View Log...
Cerberus FTP Server web interface cross-site request forgery vulnerability
Overview The Cerberus FTP Server web interface contains a cross-site request forgery vulnerability Description CWE-352: Cross-Site Request Forgery CSRF: The Cerberus FTP Server web interface is vulnerable to CSRF using the HTTP POST method in the :10000/usermanager/users/modify. The application h...
Open Technology Real Services nested tags cross-site scripting vulnerability
Overview Open Technology Real Services OTRS is susceptible to a cross-site scripting vulnerability when viewing HTML webpages with nested tags. Description Open Technology Real Services OTRS contains a cross-site scripting CWE-79 vulnerability in the email body. An attacker may be able to load...
Pluck SiteLife software multiple XSS vulnerabilities
Overview Pluck SiteLife software contains multiple XSS vulnerabilities. Description According to DemandMedia's website Pluck SiteLife software is an integrated community platform architected for brands. Pluck SiteLife software contains multiple cross site scripting XSS vulnerabilities. CWE-79:...
Wibu-Systems CodeMeter remote denial of service vulnerability
Overview Wibu-Systems CodeMeter contains a remote denial of service vulnerability when receiving specially crafted packets. Description Wibu-Systems CodeMeter v4.30c and v4.10b contain a remote denial of service vulnerability when receiving specially crafted packets. Wibu-Systems CodeMeter listen...
Microsoft Windows UDP packet parsing vulnerability
Overview A vulnerability in the Microsoft Windows TCP/IP stack could allow an attacker to run arbitrary code in kernel mode or cause a denial-of-service. Description Microsoft Windows contains a TCP/IP stack used to process network packets for the operating system. This component contains a...
ProjectForum XSS vulnerability
Overview ProjectForum 7.0.1.3038 and possibly previous versions, are vulnerable to cross site scripting XSS. Description CourseForum's ProjectForum software fails to sanitize all input fields. As a result, cross site scripting XSS attacks can be conducted. By default, a non-credentialed user can...
ISC Bind 9 IXFR or DDNS update combined with high query rate DoS vulnerability
Overview A denial-of-service condition exists in certain cases when an ISC Bind server processes a IXFR transfer or dynamic update. Description The ISC security advisory states:"When an authoritative server processes a successful IXFR transfer or a dynamic update, there is a small window of time...
Microsoft WMI Administrative Tools WBEMSingleView.ocx ActiveX control vulnerability
Overview The ActiveX control, WBEMSingleView.ocx, that is a part of the WMI Administrative Tools package contains a vulnerability. Description The AddContextRef and ReleaseContext functions of the WMI Object Viewer control can be passed an object pointer from an attacker that results in arbitrary...
Microsoft Internet Explorer invalid flag reference vulnerability
Overview Microsoft Internet Explorer invalid flag reference vulnerability Description According to the Microsoft Security Research & Defense Blog, Microsoft Internet Explorer incorrectly under-allocates memory to store a certain combination of Cascading Style Sheets CSS tags when parsing HTML,...
VMware VMnc AVI video codec image height heap overflow
Overview The VMware VMnc video codec fails to properly handle the image height value in AVI files, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Several VMware products include the ability to create and play movies of running...
RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerability
Overview RealNetworks RealPlayer fails to properly handle frames within Shockwave Flash SWF files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The RealNetworks RealPlayer application provides support for the SWF file format. A...
Microsoft Office Snapshot Viewer ActiveX control race condition
Overview The Microsoft Office Snapshot Viewer ActiveX control contains a race condition, which can allow a remote, unauthenticated attacker to download arbitrary files to arbitrary locations. Description Microsoft Snapshot Viewer is a viewer for snapshots created with Microsoft Access. Snapshot...
SkyPortal contains multiple SQL injection vulnerabilities
Overview SkyPortal RC6 contains multiple SQL injection vulnerabilities which could allow a remote, unauthenticated attacker to gain access to the back-end database and to add, modify or remove data. Description SkyPortal is a modular web portal and online community system that includes web-based...
Apple QuickTime "file: URL" arbitrary code execution
Overview Apple QuickTime does not properly handle "file: URLs" which may allow an attacker to execute arbitrary code. Description Apple QuickTime is a multiplatform multimedia software architecture which provides file format converters for more than 250 common image, video, and audio file...
GnuTLS Client Hello repeat Denial of Service
Overview A vulnerability exists in GnuTLS that may allow a remote attacker to cause a denial of service. Description GnuTLS contains a vulnerability in gnults-serv that may result in a denial of service when handling a specially crafted TLS packet that contains multiple Client Hello messages...
BGP implementations do not properly handle UPDATE messages
Overview BGP implementations from multiple vendors including Juniper may not properly handle specially crafted BGP UPDATE messages. These vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service. Disrupting BGP communication could lead to routing instability...
cPanel XSRF vulnerabilities
Overview cPanel contains multiple cross-site request forgery XSRF vulnerabilities. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary commands. Description cPanel, a web-based tool that is designed to automate and control web sites and servers, contains...
Apple Safari vulnerable to xss via the processing of JavaScript URLs
Overview A vulnerability in the way Apple Safari handles JavaScript URLs may allow execution of JavaScript in the context of another site. Description Apple Safari contains a vulnerability that may cause a cross-site script injection when processing JavaScript URLs. According to Apple Security...
Apple Mac OS X fails to properly handle a crafted URL
Overview A vulnerability in the way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute arbitrary code. Description According to Apple Security Update 2008-001:An input validation issue exists in the processing of URL schemes handled by Terminal.app. By enticing a user ...
RealPlayer playlist name stack buffer overflow
Overview RealPlayer contains a stack buffer overflow in the handling of playlist names, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer is a multimedia application that allows users to view local and remote...
Intuit QuickBooks Online Edition ActiveX control fails to properly restrict access to methods
Overview The Intuit QuickBooks Online Edition ActiveX control fails to properly restrict access to dangerous methods, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that is implemented a...
GIMP integer overflow vulnerability
Overview GIMP contains a vulnerability that may allow a remote attacker to execute code, or create a denial-of-service condition. Description The Photoshop Document PSD format is the native file format used by Adobe Photoshop. The GNU Image Manipulation Program GIMP can open and manipulate .psd...
Atheros wireless network drivers may fail to properly handle malformed frames
Overview Atheros wireless drivers fail to properly handle malformed wireless frames. This vulnerability may allow a remote, unauthenticated attacker to create a denial-of-service condition. Description Some versions of the Microsoft Windows drivers for Atheros 802.11 a/b/g wireless adapters fail ...
Apple QuickTime fails to properly handle malformed movie files
Overview Apple QuickTime fails to properly handle malformed movie files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime is multimedia software that allows users to view local and remote...
Microsoft Windows Active Directory fails to properly validate LDAP requests
Overview A vulnerability in Windows Active Directory could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Lightweight Directory Access Protocol LDAP is a standard protocol that enables users to query or modify the data in a meta directory. Microsoft's...
SAP Message Server heap buffer overflow
Overview The SAP Message Server contains a flaw that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description The SAP Message Server is used to exchange and regulate messages between servers in a SAP network. A heap-based buffer...
Apple AFP Client privilege escalation vulnerability
Overview The Apple File Protocol AFP Client fails to properly clean its environment before executing commands. This vulnerability may allow a local attacker execute commands with elevated privileges. Description The Apple File Protocol service allows Apple Mac OS clients to access files remotely...
The Wizz RSS Reader chrome access vulnerability
Overview The Wizz RSS Reader contains a vulnerability that may allow an attacker to take any action that Mozlla Firefox can. Description The Mozilla Firefox user interface components outside of the content area are created using chrome. This includes toolbars, menu bars, progress bars, and window...
Intel Centrino wireless drivers fail to properly process malformed frames
Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow an attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless adapters fail to...
CA BrightStor ARCserver Tape Engine denial-of-service vulnerability
Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a vulnerability. If successfully exploited, this vulnerability may allow a remote attacker to shut down the tape engine interface. Description BrightStor ARCserve Backup is a backup and data retention tool that...
Apple Mac OS X fails to properly handle crafted AppleSingleEncoding disk images
Overview A vulnerabilty in the Apple Mac OS X AppleSingleEncoding disk image handler may allow execution of arbitrary code or denial of service. Description Apple Mac OS X contains a vulnerability that may be exploited when a user mounts a specially crafted AppleSingleEncoding disk image file...
Sun Network Security Services (NSS) vulnerable to DoS due to an unspecified vulnerability
Overview The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. Description The Sun One Application Server provides a Java 2 Platform for delivering Java...
Apple Mac OS X AFP server may disclose file and folder information in search results
Overview A vulnerability in the Apple Mac OS X AFP server may disclose file and folder items to unauthorized users. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files stored on a server. When file sharing is enabled, Apple's Mac OS X AFP server...
Mozilla products allows the src attribute in an img element to be changed to a JavaScript URI
Overview Mozilla products contain a cross-site scripting vulnerability due to a vulnerability in the way IMG elements are loaded. Description A vulnerability in the way Mozilla products load IMG elements in a frame may cause a cross-site script injection. According to Mozilla Foundation Security...
Mozilla LiveConnect vulnerable to crash finalizing JS objects
Overview A vulnerability exists in the Mozilla LiveConnect that may allow a remote attacker to cause a denial of service. Description Mozilla LiveConnect, which allows communication between Java applets and web JavaScript, contains a vulnerability in the way freed objects are re-used that may...
Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands
Overview A vulnerability in the way Novell NetMail handles NMAP "STOR" commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell NetMail's implementation of the Network Messaging Application Protocol NMAP contains a buffer overflow that may occur...
Cisco Secure Access Control Server vulnerable to a stack-based buffer overflow via a specially crafted "HTTP GET" request
Overview A vulnerability in the web administrative server supplied with Cisco Secure ACS products could allow a remote attacker to execute arbitrary code on an affected system. Description Cisco Secure ACS is a Remote Access Dial-In User Service RADIUS and Terminal Access Controller Access Contro...
Microsoft Excel fails to properly process a malformed Column record
Overview Microsoft Excel contains a memory corruption vulnerability that could enable an attacker to exectue arbitrary code and gain complete control of the vulnerable system. Description Microsoft Excel fails to properly handle malformed Column records. When an Excel file is opened, Excel does n...
Sun Java JRE vulnerable to arbitrary code execution via an undetermined error
Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
Overview Apple Mac OS X Security Framework Online Certificate Status Protocol OCSP service is unable to retrieve certificate revocation lists on systems that are configured to use an HTTP proxy. This vulnerability may result in the use of revoked certificates. Description The Online Certificate...
Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI
Overview Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Description According to Apple Security Update 2006-007:By enticing a user to access a maliciously crafted FTP URI, an attacker can cause the user's FTP client to issue arbitrary FTP commands ...
Apple Mac OS X WebKit deallocated object access vulnerability
Overview Apple Safari WebKit fails to properly deallocate objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Apple: WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X fo...
Apple Mac OS X fails to properly handle corrupted DMG image structures
Overview Apple Mac OS X fails to properly handle corrupted DMG image structures. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Description A vulnerability in the way Mac OS X com.apple.AppleDiskImageController handles...
Microsoft DirectAnimation Path ActiveX control Spline method integer overflow
Overview A vulnerability in the Microsoft DirectAnimation ActiveX controls may allow a remote attacker to execute arbitrary code on an affected system. Description Microsoft's DirectAnimation is a suite of development functionality, predating Microsoft DirectX, that provides animation support for...
Novell GroupWise Messenger fails to properly handle HTTP POST requests.
Overview Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may allow a remote attacker to cause a denial of service condition. Description Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may be triggered by sendin...
Wireshark contains an unspecified vulnerability in the SCSI dissector
Overview Wireshark contains a vulnerability in the SCSI dissector that may cause a denial-of-service condition. Description The SCSI dissector in Wireshark contains an unspecified error that may allow remote attackers to cause a denial-of-service condition.Wireshark states that Wireshark version...
IBM Lotus Notes sets insecure default permissions on program data
Overview IBM Lotus Notes sets insecure default permissions on the Notes directory. This vulnerability may allow a local attacker to gain unintended access to Lotus Notes program data. Description IBM Lotus Notes installs numerous program files and program data in a special directory known as the...
Apple Mac OS X WebKit may allow code execution when visiting a malicious website
Overview A vulnerability in Apple Mac OS X WebKit may allow an attacker to execute arbitrary code on an affected system. Description WebKit From the OpenDarwin WebKit project description, WebKit is an open source web browser engine. WebKit is also the name of the Mac OS X system framework version...