Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
•added 2006/07/18 12:0 a.m.•29 views

Samba fails to properly handle multiple share connection requests

Overview There is a vulnerability in the smbd process which may allow an attacker to create a denial of service condition. Description Samba Samba is an open-source implementation of SMB/CIFS file and print services. It is frequently included in UNIX and Linux distributions and is typically used...

5CVSS7.1AI score0.05503EPSS
Exploits1References12
CERT
CERT
•added 2006/07/11 12:0 a.m.•29 views

Microsoft Office string parsing vulnerability

Overview Microsoft Office fails to properly parse strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly parse strings. When an Office document containing malformed string is opened with an Office application...

9.3CVSS6.6AI score0.43664EPSS
Exploits1References1
CERT
CERT
•added 2006/07/07 12:0 a.m.•29 views

Microsoft Internet Explorer vulnerable to heap overflow via the HTML Help Control "Image" property

Overview The HTML Help ActiveX control contains a heap overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be...

7.5CVSS7AI score0.35274EPSS
Exploits1References5
CERT
CERT
•added 2006/06/30 12:0 a.m.•29 views

Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file

Overview Apple has reported a vulnerability in the way Mac OS X 10.4 systems handle TIFF images that could cause affected applications to crash or allow remote code execution.. Description TIFF Image File Format The TIFF image file format is a widely supported file format used for storing images...

7.5CVSS8.6AI score0.04701EPSS
Exploits0
CERT
CERT
•added 2006/06/28 12:0 a.m.•29 views

ClamAV vulnerable to buffer overflow via malicious database mirror

Overview The Open Source anti-virus program ClamAV's update engine, freshclam, contains a buffer overflow vulnerability. If exploited, an attacker could create a denial-of-service condition, or possibly run arbitrary code with the privileges of the freshclam process. Description Freshclam is a...

5.1CVSS9.6AI score0.0581EPSS
Exploits1References4
CERT
CERT
•added 2006/04/12 12:0 a.m.•29 views

SunnComm MediaMax privilege elevation vulnerability

Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...

4.6CVSS7.1AI score0.00468EPSS
Exploits1References7
CERT
CERT
•added 2006/03/14 12:0 a.m.•29 views

Microsoft Office routing slip buffer overflow

Overview Microsoft Office contains a buffer overflow in the parsing of routing slips, which may allow an attacker to execute arbitrary code on a vulnerable system. Description Routing slips According to Microsoft Security Bulletin MS06-012: Microsoft Office applications have the ability to add a...

5.1CVSS7.2AI score0.14205EPSS
Exploits0References2
CERT
CERT
•added 2006/03/14 12:0 a.m.•29 views

Microsoft Excel malformed record memory corruption vulnerability

Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate records in data files. When a file with a malformed record is opened in Exce...

5.1CVSS7.1AI score0.18325EPSS
Exploits0References1
CERT
CERT
•added 2006/03/09 12:0 a.m.•29 views

LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script

Overview Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description L-Soft's LISTSERV is an email list management software package. It includes a Web Archive and...

7.5CVSS7.8AI score0.07485EPSS
Exploits0References3
CERT
CERT
•added 2006/01/11 12:0 a.m.•29 views

Apple QuickTime fails to properly handle corrupt media files

Overview Apple QuickTime contains a heap overflow vulnerability in the handling of media files which may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description Apple's QuickTime Player is multimedia software that allows...

7.5CVSS7.3AI score0.08778EPSS
Exploits0References3
CERT
CERT
•added 2005/12/31 12:0 a.m.•29 views

Research in Motion (RIM) BlackBerry Router vulnerable to denial of service via Server Routing Protocol (SRP)

Overview The Research in Motion RIM BlackBerry Router contains a vulnerability in the way the router handles Server Routing Protocol SRP packets. By sending specially crafted SRP packets to the router, an attacker could cause a denial of service. Description The BlackBerry Router is a component o...

7.8CVSS6.7AI score0.03892EPSS
Exploits0References4
CERT
CERT
•added 2005/08/31 12:0 a.m.•29 views

Reflection for Secure IT Windows Server can allow login to renamed built-in accounts

Overview WRQ Reflection for Secure IT Windows Server 6.0 can allow a user to login to a Windows built-in account with the default name Administrator and Guest after they are renamed. Description Microsoft Windows includes the built-in accounts Administrator and Guest. If those accounts are rename...

7.2AI score
Exploits0References1
CERT
CERT
•added 2005/08/17 12:0 a.m.•29 views

Apple Mac OS X Directory Services contains a buffer overflow

Overview A buffer overflow in Apple Mac OS X Directory Service's authentication process may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Mac OS X Server Directory Service provides reading, writing, and authentication services within...

7.5CVSS9.5AI score0.06179EPSS
Exploits0References2
CERT
CERT
•added 2005/08/17 12:0 a.m.•29 views

Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files

Overview A buffer overflow vulnerability exists in a component of Apple's Mac OS X operating system that handles rich text files. Description The Cocoa Application Framework also referred to as the Application Kit, or AppKit is one of the core Cocoa frameworks supplied with Apple's Mac OS X...

7.6CVSS9.4AI score0.04211EPSS
Exploits0References3
CERT
CERT
•added 2005/08/10 12:0 a.m.•29 views

Microsoft Windows domain controller denial of service in Kerberos message handling

Overview Microsoft Windows domain controllers do not properly handle some Kerberos messages, potentially allowing a remote, authenticated attacker to cause a denial-of-service condition. Description Microsoft Windows domain controllers running Windows 2000 Server and Server 2003 use the Kerberos...

2.1CVSS6.1AI score0.06521EPSS
Exploits0References1
CERT
CERT
•added 2005/08/09 12:0 a.m.•29 views

Microsoft Windows Remote Desktop Protocol service input validation vulnerability

Overview An input validation error in the Microsoft Remote Desktop Protocol RDP service may allow a remote attacker to cause a denial-of-service condition. Description Microsoft describes the Remote Desktop Protocol RDP as follows.RDP is based on, and is an extension of, the T.120 protocol family...

5CVSS6.2AI score0.61183EPSS
Exploits0References10
CERT
CERT
•added 2005/06/07 12:0 a.m.•29 views

RSA Authentication Agent for Web fails to properly validate input

Overview The RSA Authentication Agent for Web running on Microsoft Internet Information Services IIS does not properly validate input that is passed to the "postdata" parameter in "/WebID/IISWebAgentIF.dll" and may allow an attacker to execute code in a user's browser. Description RSA...

4.3CVSS5.6AI score0.02508EPSS
Exploits0References4
CERT
CERT
•added 2005/05/09 12:0 a.m.•29 views

Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users

Overview Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default. Description Mac OS X includes support for the Bluetooth networking protocol suite. Bluetooth is a communication technology that enables short-range communication between...

7.5CVSS5.8AI score0.01889EPSS
Exploits0References3
CERT
CERT
•added 2005/04/20 12:0 a.m.•29 views

sendfile() system call may leak sections of kernel memory

Overview The sendfile system call does not handle specially crafted files properly. Exploitation of this vulnerability may leak sensitive information to a local attacker. Description The sendfile system call is used to send a file through a socket without copying the file data into memory. A...

10CVSS5.5AI score0.02268EPSS
Exploits0References1
CERT
CERT
•added 2005/03/17 12:0 a.m.•29 views

NotifyLink contains multiple SQL injection vulnerabilities

Overview There are multiple vulnerabilities in NotifyLink that allow unauthenticated remote users to view or modify the contents of the NotifyLink SQL database. Possible modifications include the addition of unauthorized user and administrator accounts. Description Notify Technology NotifyLink...

7.5CVSS7.4AI score0.01512EPSS
Exploits0References3
CERT
CERT
•added 2005/03/09 12:0 a.m.•29 views

ISC DHCP contains a format string vulnerabilty in errwarn.c

Overview The Internet Systems Consortium ISC Dynamic Host Configuration Protocol DHCP application contains a format string vulnerability in errwarn.c that could allow an attacker to execute arbitrary code. Description As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provide...

10CVSS6.5AI score0.07968EPSS
Exploits0References4
CERT
CERT
•added 2005/01/14 12:0 a.m.•29 views

Veritas Backup Exec registration request buffer overflow

Overview Certain versions of Veritas Backup Exec 8.x and 9.x can be remotely exploited to allow execution of arbitrary code on affected servers. Description A buffer overflow exists in Veritas Backup Exec 8.x prior to 8.60.3878 Hotfix 68, and 9.x pritor to 9.1.4691 Hotfix 40. A stack-based buffer...

10CVSS7.5AI score0.81791EPSS
Exploits7References12
CERT
CERT
•added 2004/12/01 12:0 a.m.•29 views

SuSe Linux LibTIFF package vulnerable to buffer overflow

Overview The SuSe Linux version of LibTIFF is vulnerable to a buffer overflow that may allow a remote attacker to execute arbitrary code. Description SuSe LibTIFF is a library used to encode and decode images in Tag Image File Format TIFF format on SuSE systems. A lack of input validation in the...

10CVSS7.7AI score0.08088EPSS
Exploits0References3
CERT
CERT
•added 2004/11/03 12:0 a.m.•29 views

Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements

Overview Microsoft Internet Explorer IE contains a buffer overflow vulnerability that can be exploited to execute arbitrary code with the privileges of the user running IE. Description A heap buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of HTML elements...

10CVSS6.4AI score0.67061EPSS
Exploits4References12
CERT
CERT
•added 2004/09/16 12:0 a.m.•29 views

star fails to set proper permissions on programs specified in RSH environment variable

Overview Star can call external programs specified by the RSH environment variable. This may permit a malicious local user to gain elevated privileges. Description Star is a tape archiving program similar to tar. Star permits the use of storage devices on remote machines via an access program on...

7.2CVSS6.9AI score0.00433EPSS
Exploits0References2
CERT
CERT
•added 2004/07/14 12:0 a.m.•29 views

Microsoft Windows fails to properly process showHelp URLs

Overview A vulnerability in the showHelp Method may allow a remote attacker to execute arbitrary code. Description A cross domain vulnerability exists in the showHelp method that may permit a remote attacker to execute local commands on the system with the privileges of the current user...

7.5CVSS6.4AI score0.5261EPSS
Exploits1References1
CERT
CERT
•added 2004/05/13 12:0 a.m.•29 views

IEEE 802.11 wireless network protocol DSSS CCA algorithm vulnerable to denial of service

Overview The IEEE 802.11 wireless networking protocol contains a vulnerability that could allow a remote attacker to cause a denial of service to any wireless device within range. Description IEEE 802.11 wireless network protocols use a Clear Channel Assessment CCA algorithm to determine whether ...

5CVSS6.6AI score0.02336EPSS
Exploits0References5
CERT
CERT
•added 2004/05/13 12:0 a.m.•29 views

Multiple Symantec firewall products fail to properly process DNS response packets

Overview There is a vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS response packet could allow an unauthenticated, remote attacker to cause a denial of service condition. Description Symantec offers a suite of corporat...

2.6CVSS6.8AI score0.11048EPSS
Exploits0References3
CERT
CERT
•added 2004/04/16 12:0 a.m.•29 views

FTE fails to properly validate command line arguments

Overview FTE contains a vulnerability in the processing of command line arguments that could allow an attacker to execute arbitrary code. Description FTE is a text editor available for a variety of operating systems. There is a buffer overflow vulnerability in the way FTE performs bounds checking...

10CVSS7.2AI score0.0517EPSS
Exploits0References7
CERT
CERT
•added 2004/04/14 12:0 a.m.•29 views

Microsoft Windows Secure Sockets Layer (SSL) library vulnerable to DoS

Overview A vulnerability in the Microsoft Secure Sockets Layer library could allow a remote attacker to cause a denial-of-service condition on an affected system. Description The Secure Sockets Layer SSL protocol is commonly used to provide authentication, encryption, integrity, and non-repudiati...

5CVSS7.4AI score0.55583EPSS
Exploits0References1
CERT
CERT
•added 2004/03/25 12:0 a.m.•29 views

Ethereal IrDA dissector plugin fails to properly parse IRCOM_PORT_NAME parameter

Overview Ethereal contains a vulnerability in the way the Infrared Data Association IrDA dissector plugin parses the IRCOMPORTNAME parameter. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing IrDA data. There is a vulnerability in the...

5CVSS7.4AI score0.67092EPSS
Exploits0References4
CERT
CERT
•added 2003/12/10 12:0 a.m.•29 views

Multiple web-based email services fail to filter malicious characters when the message contains cascading style sheet character escaping

Overview An attacker can send a specially crafted email message to a victim containing malicious scripting JavaScript, VBScript, JScript, etc., active content, or potentially HTML. When a victim views the message with scripting enabled, the victim's browser will then interpret this javascript whi...

6.3AI score
Exploits0References1
CERT
CERT
•added 2003/11/19 12:0 a.m.•29 views

Microsoft Internet Explorer execCommand method does not properly validate URL source

Overview Microsoft Internet Explorer IE does not properly determine the source of script used in URLs. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary...

7.5CVSS7.3AI score0.2768EPSS
Exploits0References16
CERT
CERT
•added 2003/11/05 12:0 a.m.•29 views

Oracle command-line program buffer overflow in argument handling

Overview A buffer overflow in some command-line utilities supplied with the Oracle Database Server could allow a local user to gain the privileges of the oracle system user. Description The Oracle 9 i Database Server package includes the oracle and oracleO command-line client programs to connect ...

4.6CVSS7.3AI score0.00855EPSS
Exploits0References4
CERT
CERT
•added 2003/10/16 12:0 a.m.•29 views

Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form

Overview There is a cross-site scripting vulnerability in Microsoft Outlook Web Access. Description The "Compose New Message" form of the Outlook Web Access OWA component of Microsoft Exchange 5.5 contains a cross-site scripting vulnerability. For more information about cross-site scripting...

4.3CVSS5.8AI score0.17357EPSS
Exploits0References4
CERT
CERT
•added 2003/10/09 12:0 a.m.•29 views

Hummingbird CyberDOCS sets insecure permissions on script source code files

Overview Hummingbird CyberDOCS running on Microsoft Internet Information Services IIS sets insecure permissions on script source code files. A remote attacker could read the contents of unprotected files. Description Hummingbird CyberDOCS Hummingbird DM is a web-based enterprise document manageme...

7.4AI score
Exploits0References1
CERT
CERT
•added 2003/09/10 12:0 a.m.•29 views

Microsoft Windows RPCSS Service contains heap overflow in DCOM activation routines

Overview There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. Description The Microsoft RPCSS Service is responsible for managing Remote Procedure Call RPC messages and is enabled by default on many version...

10CVSS8.1AI score0.37141EPSS
Exploits0References13
CERT
CERT
•added 2003/08/19 12:0 a.m.•29 views

Hewlett-Packard Company MPE/iX FTPSRVR does not properly validate certain commands

Overview A vulnerability in the FTP server included with the MPE/iX operating system may allow a remote attacker to gain unauthorized access. Description MPE/iX is an operating system produced by Hewlett-Packard Company. The FTP server included with MPE/iX FTPSRVR contains a vulnerability which m...

7.5CVSS6.5AI score0.02818EPSS
Exploits0References2
CERT
CERT
•added 2003/05/19 12:0 a.m.•29 views

Apple Mac OS X IPSec mechanism fails to handle certain incoming security policies that match by port

Overview Apple's Mac OS X IPSec implementation does not properly filter certain types of IP traffic. Description Apple Mac OS X contains an implementation of the IP Security Protocol IPSec. A vulnerability in this implementation may allow a remote attacker to exchange traffic with a host that...

7.5CVSS6.2AI score0.03215EPSS
Exploits0References4
CERT
CERT
•added 2003/04/16 12:0 a.m.•29 views

Heap overflow in Snort "stream4" preprocessor

Overview The Snort "stream4" preprocessor module contains a vulnerability that allows remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root. Description Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflo...

7.9AI score
Exploits0References4
CERT
CERT
•added 2003/03/19 12:0 a.m.•29 views

Adobe Acrobat PDF viewers contain flaw when loading and verifying plug-ins

Overview Acrobat plug-ins can be digitally signed to determine whether they should be loaded by Adobe Acrobat Reader at startup. This digital signature mechanism is not cryptographically strong and allows other potentially-malicious plug-in code to pretend to be certified by Adobe and be executed...

4.6CVSS6.7AI score0.00902EPSS
Exploits0References7
CERT
CERT
•added 2002/09/24 12:0 a.m.•29 views

Exim does not adequately validate user input thereby allow execution of arbitrary commands

Overview Under certain configurations, Exim may execute commands embedded in a mail message's From address. Description Exim is an open-source mail transport agent distributed by the University of Cambridge. Exim can be configured to route all incoming mail or mail to particular addresses through...

7.5CVSS6.8AI score0.06354EPSS
Exploits0References2
CERT
CERT
•added 2002/09/18 12:0 a.m.•29 views

Entrust GetAccess does not validate user input thereby allowing users to read arbitrary files

Overview Entrust GetAccess does not properly validate the CGI variable "LOCALE" and may be exploited to read arbitrary files on the server. Description Entrust GetAccess is a web software product for identifying users of a web site. Entrust GetAccess takes a CGI variable named "LOCALE" specifying...

7AI score
Exploits0References1
CERT
CERT
•added 2002/08/12 12:0 a.m.•29 views

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) vulnerable to buffer overflow via _TT_CREATE_FILE()

Overview The Common Desktop Environment CDE ToolTalk RPC database server contains a buffer overflow condition that could let an attacker execute arbitrary code or cause a denial of service on a vulnerable system. The ToolTalk RPC database server typically runs with root privileges. Description A...

10CVSS7.8AI score0.23256EPSS
Exploits0References2
CERT
CERT
•added 2002/07/27 12:0 a.m.•29 views

Microsoft SQL Server installation process leaves sensitive information on system

Overview Microsoft SQL server versions 7.0 and 2000, as well as MSDE 1.0, may leave installation and log files on the server after the installation process is complete. These files may contain senstitive information such as passwords used during the install. Users with authenticated access to the...

4.6CVSS6.2AI score0.01697EPSS
Exploits0References6
CERT
CERT
•added 2002/07/26 12:0 a.m.•29 views

Microsoft SQL Server 2000 contains denial-of-service vulnerability in SQL Server Resolution Service

Overview Microsoft SQL Server 2000 contains a vulnerability that allows remote attackers to create a denial-of-service condition between two Microsoft SQL servers. Description The SQL Server Resolution Service SSRS was introduced in Microsoft SQL Server 2000 to provide referral services for...

5CVSS6.8AI score0.18289EPSS
Exploits0References11
CERT
CERT
•added 2002/06/25 12:0 a.m.•29 views

Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter

Overview A cross-site scripting vulnerability exists in the Microsoft SQLXML HTTP components. This vulnerability could allow an attacker to execute script on a victim's system with the victim's privileges. Description Microsoft SQL Server 2000 includes a feature called SQLXML that allows the serv...

7.5CVSS6.1AI score0.13893EPSS
Exploits0References4
CERT
CERT
•added 2002/06/05 12:0 a.m.•29 views

Yahoo! Messenger "addview" function allows for the automatic execution of malicious script contained in web pages

Overview Yahoo! Messenger is an instant messaging client. When installed, Yahoo! Messenger enables a URI handler ymsgr :parameter. The addview function of this handler can be used to execute arbitrary script/html on the local system. Description The addview feature of Yahoo! Messenger is used to...

7.5CVSS6.3AI score0.03871EPSS
Exploits0References2
CERT
CERT
•added 2002/06/04 12:0 a.m.•29 views

Oracle Reports Server Reports Web Cartridge (RWCGI60) vulnerable to buffer overflow via database name parameter

Overview A buffer overflow vulnerability in Oracle Reports Server 6i could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Reports Server process. Description Oracle Reports Server is a component of Oracle Application Server that handles client...

7.5CVSS9.5AI score0.09542EPSS
Exploits0References5
CERT
CERT
•added 2002/03/29 12:0 a.m.•29 views

GnuPG contains format-string vulnerability in handling of encrypted data filename

Overview Some versions of Gnu Privacy Guard GPG contain a format-string vulnerability from improper handling of filenames when decrypting files. Description GPG is an OpenPGP-compliant alternative to PGP to protect electronic communications using public-key cryptography. Versions of GPG prior to...

7.5CVSS6.9AI score0.13728EPSS
Exploits0References1
Total number of security vulnerabilities3702