Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2007/02/23 12:0 a.m.28 views

Mozilla Firefox fails to properly handle JavaScript onUnload events

Overview Mozilla Firefox does not properly handle JavaScript onUnload events. This vulnerability may lead to memory corruption that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The JavaScript onUnload event is executed when the brows...

9.3CVSS6.6AI score0.07069EPSS
Exploits1References5
CERT
CERT
added 2007/02/15 12:0 a.m.28 views

Microsoft Windows Shell vulnerable to privilege escalation

Overview A vulnerability in Microsoft Windows Shell may allow an attacker to gain access with escalated privileges. Description The Microsoft Windows Shell Hardware Detection service provides notification for AutoPlay hardware events. This service fails to properly validate a function parameter i...

7.2CVSS6.1AI score0.02571EPSS
Exploits0References3
CERT
CERT
added 2007/01/31 12:0 a.m.28 views

Computer Associates BrightStor ARCserve Backup LGSERVER.EXE stack buffer overflow

Overview Computer Associates BrightStor ARCserve Backup contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Computer Associates BrightStor ARCserve Backup products come with a service called LGSERVER.EX...

10CVSS6.8AI score0.7924EPSS
Exploits7References6
CERT
CERT
added 2007/01/30 12:0 a.m.28 views

Voice mail systems allow administrative access based on Caller ID

Overview Certain voice mail systems trust Calling Number Identification CNID, Caller ID to authenticate administrative access to voice mail accounts. Caller ID can be easily spoofed, allowing an attacker to gain control over a vulnerable voice mailbox. Description Some voice mail systems use Call...

7.4AI score
Exploits0References6
CERT
CERT
added 2006/12/15 12:0 a.m.28 views

Yahoo Messenger YMailAttach ActiveX control buffer overflow

Overview The Yahoo Messenger YMailAttach ActiveX control contains a buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo Messenger is an instant messaging application. Yahoo Messenger includes several ActiveX...

9.3CVSS7.3AI score0.06554EPSS
Exploits0References4
CERT
CERT
added 2006/12/15 12:0 a.m.28 views

Symantec Veritas NetBackup bpcd daemon fails to properly validate commands

Overview Symantec Veritas NetBackup is vulnerable to command chaining, which may allow a remote, authenticated attacker to execute arbitrary commands on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon fails t...

10CVSS7AI score0.04235EPSS
Exploits4References4
CERT
CERT
added 2006/11/16 12:0 a.m.28 views

Sky Software FileView ActiveX control allows arbitrary command execution via unsafe methods

Overview The Sky Software FileView ActiveX control contains unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Sky Software FileView object is an ActiveX control that is provided with several applications, such as...

4CVSS6.8AI score0.602EPSS
Exploits5References4
CERT
CERT
added 2006/10/26 12:0 a.m.28 views

Microsoft Internet Explorer 7 may allow address bar spoofing

Overview Internet Explorer 7 may allow address bar spoofing in pop-up windows. This could let an attacker spoof the address of a web site. Description Internet Explorer 7 includes a new feature called "Address bar protection." This makes sure that every window, including pop-ups, will present an...

6.2AI score
Exploits0References5
CERT
CERT
added 2006/10/17 12:0 a.m.28 views

NVIDIA Display Driver for Unix systems vulnerable to buffer overflow

Overview A vulnerability in the NVIDIA Display Driver for Unix systems may allow a remote attacker to execute code on a vulnerable system. Description The NVIDIA Display Driver for Unix systems provides access to the display adapter's accelerated features on supported systems, and includes a modu...

7.5CVSS7.5AI score0.26046EPSS
Exploits1References3
CERT
CERT
added 2006/10/05 12:0 a.m.28 views

McAfee HTTP Server vulnerable to buffer overflow

Overview A stack-based buffer overflow exists in the McAfee HTTP server that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The McAfee HTTP server NAISERV.exe is used in McAfee products, such as McAfee ePolicy Orchestrator and Protection Pilot. The McAfee HTTP...

8.1AI score
Exploits0References2
CERT
CERT
added 2006/09/27 12:0 a.m.28 views

Roller Weblogger contains a cross-site scripting vulnerability

Overview A cross-site scripting vulnerability in Roller Weblogger may allow an attacker to read or modify data in web pages and cookies. Description There is a cross-site scripting vulnerability in the way that Roller handles data supplied in the comments section of a web page running the Roller...

4.3CVSS5.4AI score0.02467EPSS
Exploits0References2
CERT
CERT
added 2006/09/13 12:0 a.m.28 views

Apple QuickTime movie buffer overflow vulnerability

Overview A buffer overflow vulnerability in the way Apple QuickTime handles movie files could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A buffer overflow vulnerability in QuickTime for Windows and Mac OS X may allow an attacker to execut...

5.1CVSS7.5AI score0.06636EPSS
Exploits0References3
CERT
CERT
added 2006/09/13 12:0 a.m.28 views

Apple QuickTime fails to properly handle FlashPix files

Overview Apple QuickTime fails to properly handle FlashPix files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remot...

5.1CVSS7.5AI score0.07253EPSS
Exploits1References4
CERT
CERT
added 2006/08/21 12:0 a.m.28 views

Symantec Veritas Backup Exec for Windows Server vulnerable to heap-based buffer overflow

Overview Symantec Veritas Backup Exec for Windows Server contains multiple heap-based buffer overflow vulnerabilities which can allow a remote, authenticated attacker to cause a denial of service or execute arbitrary code. Description VERITAS Backup Exec for Windows Server is a data backup and...

6.5CVSS8.4AI score0.05691EPSS
Exploits0References4
CERT
CERT
added 2006/08/08 12:0 a.m.28 views

Microsoft Windows fails to properly parse the MHTML protocol

Overview Microsoft Windows fails to properly handle MHTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MHTML According to Microsoft Security Bulletin MS06-043: MHTML extends HTML to embed encoded objects, such as images, in the HTML...

2.6CVSS6.8AI score0.47919EPSS
Exploits1References1
CERT
CERT
added 2006/08/08 12:0 a.m.28 views

Microsoft Hyperlink Object Library buffer overflow

Overview A vulnerability in Microsoft Hyperlink Object Library may allow a remote attacker to execute arbitrary code on an affected system. Description The Hyperlink Object Library is a collection of application programming interfaces that provide functionality for handling hyperlinks. The...

9.3CVSS7.5AI score0.11825EPSS
Exploits0References1
CERT
CERT
added 2006/08/07 12:0 a.m.28 views

Intel Centrino wireless network drivers fail to properly handle malformed frames

Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless...

5.1CVSS6.8AI score0.04611EPSS
Exploits1References10
CERT
CERT
added 2006/08/02 12:0 a.m.28 views

Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted Radiance image

Overview The Apple Mac OS X ImageIO framework contains an integer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...

5.1CVSS7.5AI score0.02636EPSS
Exploits1References2
CERT
CERT
added 2006/06/30 12:0 a.m.28 views

Apple iTunes fails to properly parse AAC files

Overview Apple iTunes does not properly parse AAC files. This vulnerability may allow a remote attacker to execute arbitrary code. Description Apple iTunes Apple iTunes is a digital media player available for the Microsoft Windows and Mac OS X operating systems. Advanced Audio Coding AAC file...

5.1CVSS7.2AI score0.06891EPSS
Exploits0References3
CERT
CERT
added 2006/06/13 12:0 a.m.28 views

Microsoft Outlook Web Access for Exchange Server script injection vulnerability

Overview A script injection vulnerability exists in Microsoft Exchange Server running Outlook Web Access. Description Microsoft Outlook Web Access OWA is a service of Exchange Server. OWA allows authorized users to read and send email, manage their calendar, and perform other functions on an...

2.6CVSS6.5AI score0.39173EPSS
Exploits0References1
CERT
CERT
added 2006/06/13 12:0 a.m.28 views

Microsoft DXImageTransform Light filter fails to validate input

Overview The Microsoft DXImageTransform Light COM object fails to validate input, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft COMMicrosoft COM is a technology that allows programmers to create reusable software components that can be...

9.3CVSS6.6AI score0.40296EPSS
Exploits0References5
CERT
CERT
added 2006/04/17 12:0 a.m.28 views

Mozilla JavaScript cloned parent vulnerability

Overview Mozilla products fail to properly restrict access to a JavaScript functions cloned parent. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-15: it was possible to use the...

6.8CVSS6.9AI score0.06826EPSS
Exploits1References3
CERT
CERT
added 2006/04/11 12:0 a.m.28 views

Microsoft Windows fails to properly handle COM objects

Overview Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft COM Microsoft COM is a technology that allows programmers to create reusable software components...

5.1CVSS7.1AI score0.24069EPSS
Exploits0References3
CERT
CERT
added 2005/10/19 12:0 a.m.28 views

Oracle products contain multiple vulnerabilities

Overview Multiple vulnerabilities exist in numerous Oracle products. The severity and impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions. Description Multiple vulnerabilities exi...

7.3AI score
Exploits0References2
CERT
CERT
added 2005/09/20 12:0 a.m.28 views

TWiki does not properly sanitize URI parameters

Overview A lack of input validation in the TWiki revision control function may allow a remote, unauthenticated attacker to execute arbitrary commands. Description TWiki is a web-based collaborative publishing environment. TWiki does not sanitize user-controlled URI parameters supplied to the...

7.5CVSS6.9AI score0.71104EPSS
Exploits8References5
CERT
CERT
added 2005/08/24 12:0 a.m.28 views

pam_ldap authentication bypass vulnerability

Overview An error in the pamldap password policy control may allow a remote attacker to gain access to a system. Description pamldap provides LDAP authentication services for UNIX-based systems. A vulnerability in pamldap may allow a remote attacker to bypass the authentication mechanism. If a...

7.5CVSS6.6AI score0.03645EPSS
Exploits0References2
CERT
CERT
added 2005/08/17 12:0 a.m.28 views

Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files

Overview A buffer overflow vulnerability exists in a component of Apple's Mac OS X operating system that handles Microsoft Word files. Description The Cocoa Application Framework also referred to as the Application Kit, or AppKit is one of the core Cocoa frameworks supplied with Apple's Mac OS X...

5.1CVSS9.4AI score0.03343EPSS
Exploits0References3
CERT
CERT
added 2004/10/19 12:0 a.m.28 views

PhpWebSite contains multiple cross-site scripting vulnerabilities

Overview PhpWebSite contains multiple cross-site scripting vulnerabilities that may allow an attacker to execute arbitrary code on users' web browser. Description PhpWebSite is an open-source web content management system. Certain PhpWebSite modules fail to properly filter URLs for malicious...

6.8CVSS6.5AI score0.02728EPSS
Exploits0References10
CERT
CERT
added 2004/10/18 12:0 a.m.28 views

Microsoft Internet Explorer fails to honor "Drag and Drop" zone security preference

Overview The Internet Explorer IE zone security preference for "Drag and drop or copy and paste files" is not honored with Windows XP and Windows Server 2003. Description IE provides several settings for the various security zones. These settings can prevent certain actions from taking place in...

4.6CVSS6.7AI score0.0419EPSS
Exploits0References4
CERT
CERT
added 2004/08/02 12:0 a.m.28 views

Check Point VPN-1 products contain boundary error in the ASN.1 decoding library

Overview A vulnerability exists in Check Point's VPN-1 Server, which is included in many Check Point products. This vulnerability may permit a remote attacker to compromise the gateway system. Description Check Point VPN-1 Server is a Virtual Private Network VPN application. A buffer overflow...

7.5CVSS6.6AI score0.05947EPSS
Exploits0References4
CERT
CERT
added 2004/06/21 12:0 a.m.29 views

Apple Mac OS X vulnerable to privilege escalation when using Directory Services

Overview A vulnerability in Mac OS X may permit a local authenticated user with physical access to the machine to gain elevated privileges. Description Mac OS X permits the remote authentication of users via directory sevices lookups. When a user logs in to a machine configured to use the Directo...

7.2CVSS6.2AI score0.00447EPSS
Exploits0References4
CERT
CERT
added 2004/05/11 12:0 a.m.28 views

Microsoft Help and Support Center (HCP) fails to properly validate HCP URLs

Overview The Microsoft Help and Support Center HCP fails to properly handle HCP URL validation. Exploitation of this vulnerability may permit remote attackers to execute arbitrary code on the system with the privileges of the current user. Description Microsoft Windows XP and Server 2003 Help and...

5.1CVSS6.9AI score0.26133EPSS
Exploits1References2
CERT
CERT
added 2004/04/23 12:0 a.m.28 views

BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files

Overview There is a vulnerability in BEA WebLogic Server in which a user with access to log files generated by the configuration wizard could obtain the administrative username and password. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure fo...

6.7AI score
Exploits0References3
CERT
CERT
added 2004/03/01 12:0 a.m.28 views

WinZip vulnerable to buffer overflow in handling of MIME archive parameters

Overview A buffer overflow vulnerability in the WinZip program could allow a remote attacker to execute arbitrary code on a vulnerable system. Description WinZip Computing, Inc.'s WinZip is a popular utility for creating and extracting a variety of archive file formats on Microsoft Windows-based...

8.1AI score
Exploits0References2
CERT
CERT
added 2004/02/24 12:0 a.m.28 views

metamail contains multiple buffer overflow vulnerabilities

Overview Multiple buffer overflows in the metamail package could allow a remote attacker to execute arbitrary code on a vulnerable system. An attacker may be able to exploit these vulnerabilities via a specially-crafted email message. Description The metamail package is one of the first widely...

7.5CVSS7.5AI score0.08227EPSS
Exploits0References1
CERT
CERT
added 2004/02/24 12:0 a.m.28 views

Microsoft Virtual PC for Mac insecurely handles temporary file

Overview A component program of Microsoft Virtual PC for Mac uses an insecure method for handling a temporary file. This could allow an attacker with local system access to gain elevated privileges. Description Microsoft Virtual PC for Mac is a product that allows users of the Apple MacOS X...

4.6CVSS5.8AI score0.01531EPSS
Exploits0References3
CERT
CERT
added 2003/10/10 12:0 a.m.28 views

Microsoft Windows fails to properly validate buffer size of incoming SMB packets

Overview Microsoft's implementation of Server Message Block SMB contains a buffer overflow vulnerability that could permit a remote attacker to execute arbitrary code or cause a denial of service. Description SMB and the Common Internet File System CIFS are closely related protocols used sharing...

7.5CVSS7.8AI score0.34496EPSS
Exploits0References6
CERT
CERT
added 2003/09/10 12:0 a.m.28 views

Microsoft Windows RPCSS Service contains heap overflow in DCOM request filename handling

Overview There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. Description The Microsoft RPCSS Service is responsible for managing Remote Procedure Call RPC messages and is enabled by default on many version...

10CVSS8.1AI score0.37799EPSS
Exploits0References12
CERT
CERT
added 2003/08/21 12:0 a.m.28 views

Cisco Secure PIX Firewall TCP Reset Vulnerability

Overview A vulnerability in Cisco's Secure PIX Firewall may allow a remote attacker to reset arbitrary TCP sessions. Description Cisco describes the Secure PIX Firewall as, "an easy-to-install, integrated hardware/software firewall appliance". A vulnerability in the Secure PIX Firewall may allow ...

5CVSS6.5AI score0.09181EPSS
Exploits0References2
CERT
CERT
added 2003/07/28 12:0 a.m.28 views

Microsoft SQL Server becomes unresponsive when large packet is sent to specific named pipe

Overview A vulnerability in Microsoft SQL Server may allow a local attacker to cause a denial of service. An exploit for this vulnerability is publicly available. Description Microsoft describes SQL Server as, "a fully enterprise-class database product, providing core support for Extensible Marku...

5CVSS6.5AI score0.36179EPSS
Exploits0References5
CERT
CERT
added 2003/07/24 12:0 a.m.28 views

Microsoft SQL Server vulnerable to buffer overflow

Overview Microsoft SQL Server contains a buffer overflow vulnerability. A local attacker could leverage this vulnerability to gain elevated privileges and/or execute arbitrary code. Description Quoting from Microsoft Security Bulletin MS03-031:A flaw exists in a specific Windows function that may...

7.2CVSS7.7AI score0.04126EPSS
Exploits0References12
CERT
CERT
added 2003/07/17 12:0 a.m.28 views

Microsoft Windows Active Directory fails to handle long LDAP requests

Overview A flaw has been discovered in the way that Microsoft's Active Directory service handles large LDAP requests. This flaw could result in a denial-of-service vulnerability. Description The directory services provided by Microsoft's Active Directory are based on the Lightweight Directory...

7.5CVSS6.7AI score0.26626EPSS
Exploits0References4
CERT
CERT
added 2003/04/14 12:0 a.m.28 views

Oracle E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication

Overview A vulnerability in Oracle's E-Business Suite Report Review Agent RRA allows arbitrary files to be retrieved with no authentication. Description A vulnerability exists in the Oracle E-Business Suite Report Review Agent RRA. This vulnerability may allow a remote attacker to retrieve...

6.7AI score
Exploits0References5
CERT
CERT
added 2003/03/21 12:0 a.m.28 views

Buffer Overflow in SGI IRIX syslogd

Overview A remotely exploitable buffer overflow in SGI IRIX syslogd may allow an attacker to crash syslogd or execute arbitrary code. Description There is a remotely exploitable buffer overflow in SGI IRIX syslogd. For more detailed information please see SGI Security Advisory 20020405-01-I. ---...

5CVSS7.6AI score0.01348EPSS
Exploits0References2
CERT
CERT
added 2003/02/05 12:0 a.m.28 views

Sun Solaris lockd(1M) daemon vulnerable to DoS

Overview A remotely exploitable denial-of-service vulnerability exists in the Solaris lockd1M daemon. Exploitation of this vulnerability may kill the lockd process. Description Sun Microsystems describes the lockd1M daemon as follows:The lockd utility is part of the NFS lock manager, which suppor...

5CVSS6AI score0.01798EPSS
Exploits0References4
CERT
CERT
added 2003/01/31 12:0 a.m.28 views

MIT Kerberos V5 allows inter-realm user impersonation by malicious realm controllers with shared keys

Overview MIT Kerberos V5 contains a flaw that allows the controller of one Kerberos realm to impersonate users in a second realm. Description MIT Kerberos V5 releases prior to 1.2.3 contain a vulnerability that allows users from one realm to impersonate users from other non-local realms that use...

7.5CVSS9.6AI score0.03554EPSS
Exploits0References2
CERT
CERT
added 2003/01/24 12:0 a.m.28 views

Web servers enable HTTP TRACE method by default

Overview The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. Attackers could leverage this behavior to access sensitive information, such as cookies or authentication data, contained in the HTTP headers of the request. Description The HTTP...

6.8AI score
Exploits0References14
CERT
CERT
added 2002/10/15 12:0 a.m.28 views

State-based firewalls fail to effectively manage session table resource exhaustion

Overview There is a vulnerability in several state-based firewall products that allows arbitrary remote attackers to conduct denial of service attacks against vulnerable firewalls. Description Many firewall products use state tables to determine whether a given packet belongs to an existing sessi...

7.2AI score
Exploits0References3
CERT
CERT
added 2002/10/11 12:0 a.m.28 views

Microsoft Java implementation JDBC classes do not properly validate DLL requests

Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM do not properly validate DLL requests, allowing a malicious applet to load and execute any DLL on the client system. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and XP. It is used...

7.5CVSS6.3AI score0.41356EPSS
Exploits0References2
CERT
CERT
added 2002/09/27 12:0 a.m.28 views

WebBoard does not adequately validate user input thereby permitting arbitrary JavaScript execution

Overview WebBoard does not adequately validate user input, allowing attackers to execute arbitrary JavaScript code on other WebBoard users' systems. Description WebBoard is a web application which includes a real-time chat server, using JavaScript alerts to display messages received by other user...

5CVSS7.1AI score0.0521EPSS
Exploits1References1
Total number of security vulnerabilities3702