3705 matches found
Mozilla products vulnerable to heap overflow via miscalculated size during conversion of an image
Overview A vulnerability exists in Mozilla products that may allow a remote attacker to execute arbitrary code or cause a denial of service. Description Mozilla products contain a vulnerability in the CSS cursor property on Microsoft Windows that may result in a crash when handling malicious...
Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands
Overview A vulnerability in the way Novell NetMail handles NMAP "STOR" commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell NetMail's implementation of the Network Messaging Application Protocol NMAP contains a buffer overflow that may occur...
Microsoft Excel fails to properly process a malformed Column record
Overview Microsoft Excel contains a memory corruption vulnerability that could enable an attacker to exectue arbitrary code and gain complete control of the vulnerable system. Description Microsoft Excel fails to properly handle malformed Column records. When an Excel file is opened, Excel does n...
Apple QuickTime RTSP buffer overflow
Overview Apple QuickTime may allow remote arbitrary code to be executed via a long src parameter in RTSP URL strings. Description A vulnerability exists in the way Apple QuickTime handles specially crafted Real Time Streaming Protocol RTSP URL strings. An attacker may be able to craft a QTL file ...
Microsoft Remote Installation Service Writable Path Vulnerability
Overview A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...
Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI
Overview Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Description According to Apple Security Update 2006-007:By enticing a user to access a maliciously crafted FTP URI, an attacker can cause the user's FTP client to issue arbitrary FTP commands ...
Apple Mac OS X WebKit deallocated object access vulnerability
Overview Apple Safari WebKit fails to properly deallocate objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Apple: WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X fo...
Computer Associates BrightStor ARCserve Backup Tape Engine fails to properly handle RPC requests
Overview A vulnerability exists in the Computer Associates BrightStor ARCserve Backup Tape Engine. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that integrates with...
Apple Mac OS X fails to properly handle corrupted DMG image structures
Overview Apple Mac OS X fails to properly handle corrupted DMG image structures. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Description A vulnerability in the way Mac OS X com.apple.AppleDiskImageController handles...
Microsoft DirectAnimation Path ActiveX control Spline method integer overflow
Overview A vulnerability in the Microsoft DirectAnimation ActiveX controls may allow a remote attacker to execute arbitrary code on an affected system. Description Microsoft's DirectAnimation is a suite of development functionality, predating Microsoft DirectX, that provides animation support for...
Novell GroupWise Messenger fails to properly handle HTTP POST requests.
Overview Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may allow a remote attacker to cause a denial of service condition. Description Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may be triggered by sendin...
Wireshark contains an unspecified vulnerability in the SCSI dissector
Overview Wireshark contains a vulnerability in the SCSI dissector that may cause a denial-of-service condition. Description The SCSI dissector in Wireshark contains an unspecified error that may allow remote attackers to cause a denial-of-service condition.Wireshark states that Wireshark version...
WinSCP URI handlers fails to properly parse command line switches
Overview A vulnerability has been found in WinSCP, which can be exploited by an attacker to overwrite or add files to the victim's computer. Description WinSCP is an open source SFTP client for Microsoft windows. It supports a file-manager user interface, and uses the SSH protocol to transfer fil...
Microsoft PowerPoint malformed record vulnerability
Overview Microsoft PowerPoint fails to properly handle malformed records. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint Microsoft PowerPoint is presentation software that is available on Microsoft Windows and Apple Mac platform...
Microsoft JScript memory corruption vulnerability
Overview Microsoft JScript contains a memory corruption vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft JScript According to Microsoft Security Bulletin MS06-023: JScript is the Microsoft...
Microsoft Remote Access Connection Manager service vulnerable to buffer overflow
Overview A vulnerability in the Microsoft Remote Access Connection Manager may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft describes the Routing and Remote Access Service RRAS as follows:RRAS makes it possible for a computer to function as a...
Symantec products vulnerable to buffer overflow
Overview Symantec products are vulnerable to a stack-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec Client Security and Symantec Antivirus Corporate Edition contain a stack-based buffer overflow. For informati...
Microsoft Exchange fails to properly handle vCal and iCal properties
Overview Microsoft Exchange Server does not properly handle the vCal and iCal properties of email messages. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on an Exchange Server. Description Microsoft Exchange Server Microsoft's Exchange...
Symantec VERITAS NetBackup contains a buffer overflow vulnerability in the Sharepoint Services daemon
Overview The Symantec VERITAS NetBackup Volume Manager daemon contains a buffer overflow vulnerability which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The Sharepoint Services...
Sendmail signal I/O race condition
Overview A race condition in Sendmail may allow a remote attacker to execute arbitrary code. Description Sendmail Sendmail is a widely used mail transfer agent MTA. Mail Transfer Agents MTA MTAs are responsible for sending an receiving email messages over the internet. They are also referred to a...
Apple Mail buffer overflow vulnerability
Overview Apple Mail contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple Mail Mac OS X includes the Mail application Mail.app for handling electronic mail. The Problem Apple Mail contains a buffer overflow caused by lack o...
Apple QuickTime image handling buffer overflow
Overview Apple QuickTime contains a heap-based buffer overflow that may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime fails to properly validate QuickTime Images QTIF, potentially allowing a heap-based buffer overflow to occur. If ...
Sun Java Runtime Environment applet privilege escalation vulnerability
Overview The Sun Java Runtime Environment JRE may allow an untrusted Java applet to bypass Java security settings and execute arbitrary code. Description The Sun Java Runtime Environment provides the libraries and components necessary to run Java-based applications. There is an unspecified...
Skype vulnerable to heap-based buffer overflow
Overview A heap-based buffer overflow in Skype may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Skype software provides telephone service over IP networks. Skype contains a buffer overflow in a routine that parses incoming network traffic...
Microsoft Collaboration Data Objects buffer overflow
Overview A buffer overflow in Microsoft Collaboration Data Objects may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Collaboration Data Objects CDO is a scripting library used to develop applications that handle email. Note that C...
Apple Mac OS X QuickDraw Manager fails to properly handle corrupt PICT files
Overview Apple Mac OS X QuickDraw Manager contains a buffer overflow that may allow a remote attacker to execute arbitrary code. Description Apple Mac OS X QuickDraw is a 2D graphics library. It is used by several applications, including Safari, Mail, and Finder. QuickDraw is used to render PICT...
Check Point Firewall rules may improperly handle network traffic
Overview Check Point Firewall CIFS service group may allow unintended traffic to pass through the firewall. Description Check Point Firewall contains a set of predefined service groups designed to handle different types of traffic associated with a service or collection of protocols. For instance...
Microsoft Windows Remote Desktop Protocol service input validation vulnerability
Overview An input validation error in the Microsoft Remote Desktop Protocol RDP service may allow a remote attacker to cause a denial-of-service condition. Description Microsoft describes the Remote Desktop Protocol RDP as follows.RDP is based on, and is an extension of, the T.120 protocol family...
Microsoft Exchange Server contains unchecked buffer in SMTP extended verb handling
Overview A vulnerability in some versions of Microsoft's Exchange Server may allow a remote attacker to execute arbitrary code on an affected server. Description Microsoft's Exchange Server supports a number of protocols for handling email, including the Simple Mail Transfer Protocol SMTP and SMT...
Microsoft Word contains a buffer overflow vulnerability
Overview Microsoft Word contains a vulnerability that may result in the execution of code on the system with the privileges of the current user. Description Microsoft Word contains a buffer overflow vulnerability that may be exploited by opening a maliciously-crafted word document. Successful...
Squid fails to properly handle oversized reply headers
Overview The Squid web proxy cache may be vulnerable to oversized HTTP reply headers. Description Squid functions as a web proxy and cache application for a number of protocols, including the hypertext transfer protocol HTTP. A defect in the Squid HTTP handling prevents oversized reply headers...
MailPost vulnerable to cross-site scripting in the 'append' variable passed to the file as part of an HTTP GET request
Overview A cross-site scripting vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions. Description According to a report by ProCheckUp, MailPost is vulnerable to a Cross-Site Scripting attack via the 'append' variable. The 'append variable is passed as part ...
Cisco IOS fails to properly handle malformed OSPF packets
Overview A denial-of-service vulnerability exists in Cisco's Internetwork Operating System IOS. This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device. Description Open Shortest Path First OSPF is a routing protocol that provides a means for...
Microsoft Windows HTML Help component fails to properly validate input data
Overview There is a vulnerability in the HTML Help component of Microsoft Windows that could allow an attacker to execute arbitrary code on an affected system. Description Microsoft HTML Help provides a standard help system for the Windows operating system. There is a vulnerability in the way...
Microsoft Windows contains a vulnerability in the way the Windows Shell launches applications
Overview Microsoft Windows contains a remote code execution vulnerability in the way that the Windows Shell launches applications. An remote attacker could exploit this vulnerability to execute arbitrary code if they could trick a user into visiting a malicious website. Description Microsoft...
Microsoft Windows Task Scheduler Buffer Overflow
Overview Microsoft Windows Task Scheduler has a buffer overflow that may allow a remote or local intruder to execute arbitrary code. Description Microsoft Windows Task Scheduler Mstask.dll is a COM-based API ActiveX control that provides a scheduling service for executing arbitrary commands on a...
Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location
Overview A vulnerability has been reported in the default "disk://" protocol handler installed on Apple Mac OS X systems. Remote attackers may potentially use this vulnerability to create files on the local system without explicit user consent. We have not independently verified the scope of this...
Sun Java Runtime Environment vulnerable to DoS
Overview The Sun Java Runtime Environment JRE contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine JVM. Description The Sun Java Runtime Environment provides the libraries and components necessary to run...
Outlook Express MHTML protocol handler does not properly validate source of alternate content
Overview The Outlook Express MIME Encapsulation of Aggregate HTML Documents MHTML protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be ru...
Norton AntiSpam contains boundary error within the "SymSpamHelper Class" (symspam.dll) ActiveX component.
Overview Symantec's Norton AntiSpam is a software package that provides spam filtering. A vulnerability in an ActiveX control that ships with Norton AntiSpam may permit a remote attacker to execute arbitrary code on the local system. Description Symantec Norton AntiSpam for Windows installs the...
NetScreen Instant Virtual Extranet (IVE) platform contains cross-site scripting vulnerability in delhomepage.cgi
Overview NetScreen Instant Virtual Extranet IVE platform contains a cross-site scripting vulnerability in the row parameter of delhomepage.cgi, which could allow an attacker to mount a cross-site scripting attack. Description The Instant Virtual Extranet platform is an application security gatewa...
Multiple tools within the Netpbm package create temporary files in an insecure manner
Overview Multiple tools within the Netpbm package create temporary files in an insecure manner. Description Netpbm is a toolkit that contains over 220 separate tools for manipulating graphic images. Multiple tools within the Netpbm package create temporary files insecurely. --- Impact A local...
Avaya Argent Office vulnerable to denial of service via malformed DNS packets
Overview The Avaya Argent Office reboots in response to certain malformed DNS packets, resulting in a denial of service condition. Description The Avaya Argent Office reboots when a packet with an empty payload is sent to UDP port 53 DNS on its internal interface. By sending repeated packets to...
Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol
Overview There is a buffer overflow in the Microsoft Help and Support Center that could permit an attacker to execute arbitrary code with SYSTEM privileges. Description The Microsoft Help and Support Center is a facility within WIndows to provide product help and documentation. Among other things...
SSH Communications Secure Shell vulnerable to DoS via malformed BER/DER packet
Overview SSH Communications' Secure Shell contains vulnerabilities in ASN.1 libraries that may allow remote attackers to cause a denial-of-service situation, or potentially execute arbitrary code on the server. Description SSH Communications' Secure Shell contains a vulnerability in the decoding ...
Sendmail contains buffer overflow in ruleset parsing
Overview Sendmail contains a buffer overflow vulnerability in the code that parses rulesets. This vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system.This vulnerability does not affect the default configuration. Description...
SGI IRIX contains buffer overflow vulnerability in "cpr" program
Overview A vulnerability in cpr may allow a local attacker execute arbitrary code. Description SGI describes cpr as follows:IRIX Checkpoint and Restart CPR offers a set of user-transparent software management tools, allowing system administrators, operators, and users with suitable privileges to...
Microsoft Windows DirectX MIDI library does not adequately validate MThd track values in MIDI files
Overview A Microsoft Windows DirectX library, quartz.dll, does not properly validate the number of tracks value in Musical Instrument Digital Interface MIDI files. An attacker could exploit this vulnerability to execute arbitrary code or crash any application using the library, causing a denial o...
Symantec ActiveX control vulnerable to buffer overflow
Overview There is a buffer overflow in a component of Symantec's web-based Security Check. Description Symantec describes Security Check as "a free web-based tool that enables users to test their computer's exposure to a wide range of on-line threats. As part of running the check, users may insta...
Adobe Acrobat does not adequately validate Acrobat JavaScript
Overview Adobe Acrobat contains a vulnerability in its JavaScript parsing engine that could allow an attacker to place arbitrary files on the local file system. Description Different versions of Adobe Acrobat software can create, modify, and read Portable Document Format PDF files. Acrobat...