3702 matches found
Yahoo! Webcam image upload ActiveX control vulnerable to arbitrary code execution
Overview The Yahoo! Webcam image upload ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Webcam is a component of Yahoo! Messenger that allows users to chat via webcams over a...
Authentium Command Antivirus odapi.dll multiple ActiveX buffer overflows
Overview Authentium Command Antivirus contains multiple ActiveX vulnerabilities, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Authentium Command Antivirus provides multiple ActiveX controls. Many of the ActiveX controls provided ...
Apple QuickTime for Java security bypass vulnerability
Overview Apple QuickTime for Java fails to properly restrict the instantiation and manipulation of Java objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTim...
Microsoft Excel fails to properly process files with crafted filter records
Overview A vulnerability in Microsoft Excel could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to validate certain filter records contained in Excel documents. This flaw results in an unspecified memory corruption vulnerability that...
Apple Macintosh OS X fails to properly mount WebDAV filesystems
Overview A vulnerability in the way that Apple Macintosh OS X mounts WebDAV filesystems could allow a local attacker to execute commands with elevated privileges. Description Web-based Distributed Authoring and Versioning WebDAV is a set of extensions to the HTTP protocol which allows collaborati...
CA Brightstor ARCserve Backup fails to properly process RPC requests
Overview The Computer Associates BrightStor ARCserve Backup contains a buffer overflow in the handling of RPC data that may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that integrates with other BrightStor Data...
Apple CrashDump privilege escalation
Overview CrashReporter contains a privilege escalation vulnerability that may allow authenticated users to run commands as root. Description CrashReporter is a debugging facility in Apple OS X that logs information program crashes.CrashReporter contains a privilege escalation vulnerability. This...
Apple QuickTime QTIF heap buffer overflow
Overview Apple QuickTime is vulnerable to a heap buffer overflow which may allow an attacker to execute arbitrary code or crash the system. Description A vulnerability exists in the way Apple QuickTime handles specially crafted QuickTime Image QTIF files. According to Apple QuickTime 7.1.5 securi...
Mozilla layout engine contains multiple vulnerabilities
Overview The Mozilla layout engine contains multiple memory corruption vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, or create a denial of service condition. Description The Mozilla Foundation supports several Open Source projects, including the Mozilla,...
Macrovision / InstallShield InstallFromTheWeb buffer overflows
Overview Macrovision / InstallShield InstallFromTheWeb contains multiple buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description InstallShield InstallFromTheWeb is a web-based software installation product for Microsoft Windows systems...
Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control buffer overflows
Overview The Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control contains multiple buffer overflows, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Trend Micro OfficeScan comes with a web-based administration console that makes use...
Apple Type Services server font processing buffer overflow
Overview A stack-based buffer overflow in Apple Type Services server may allow attackers to execute arbitrary code. Description The Apple Type Services server fails to properly handle malformed font files possibly allowing a stack-based buffer overflow to occur. Note that according to Apple, font...
Symantec products fail to properly limit device driver access to kernel memory
Overview Certain device drivers included with Symantec products fail to properly verify address space within the "IOCTL" handlers. Description Symantec provides Anti-Virus and Internet Security products that are designed to protect users. According to Symantec Security Response SYM06-020:A...
Apple Mac OS X JPEG2000 image handling buffer overflow
Overview Apple Mac OS X fails to properly handle JPEG2000 files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple ImageIO is an image processing framework that was introduced in OS X 10.4 Tiger...
IBM Access Support eGatherer ActiveX control buffer overflow
Overview The IBM Access Support eGatherer ActiveX control contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The IBM Access Support eGatherer ActiveX control has the ability to collect system...
Microsoft PowerPoint fails to properly handle malformed records
Overview Microsoft PowerPoint fails to properly handle malformed records allowing a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint fails to properly handle malformed records. Specifically,...
Microsoft Internet Explorer source element cross-domain vulnerability
Overview Microsoft Internet Explorer fails to properly handle redirects for source elements. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintain separation between browser...
Apple Mac OS X ImageIO contains undetected memory failure in GIF image handling
Overview The Apple Mac OS X ImageIO framework contains a memory allocation flaw that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to...
Cisco Router Web Setup (CRWS) contains an insecure default IOS configuration
Overview A vulnerability in the Cisco Router Web Setup CRWS web configuration tool on some Cisco 800 and SOHO series routers may allow remote execution of system-level commands with no authentication. Description Cisco Router Web Setup Tool The Cisco Router Web Setup tool, or CRWS, provides a GUI...
Mozilla CSS integer overflow vulnerability
Overview Mozilla products contain an integer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code. Description Cascading Style SheetsCSS is a mechanism for adding style to web documents. The problem Mozilla products contain an integer overflow in the CSS letter...
Microsoft Internet Explorer fails to properly handle HTML elements with a specially crafted tag
Overview Microsoft Internet Explorer IE fails to properly handle HTML element tags, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description IE fails to properly handle HTML element tags. When a specially crafted HTML file is opened in IE, system memory can be...
Apple QuickTime TIFF image "StripByteCounts" integer overflow
Overview Apple QuickTime contains an integer overflow vulnerability in the handling of TIFF images, which may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description Apple's QuickTime Player is multimedia software that...
Oracle Database Server buffer overflow in Security Component
Overview The Oracle Database Server Security Component contains a buffer overflow. Exploitation may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A lack of input validation in the Oracle Database Server Security Component may allow a buffer...
unace buffer overflow vulnerability
Overview A buffer overflow in the unace compression library may allow a remote attacker to execute arbitrary code. Description The unace compression library is used to decompress ace archives .ace file extension. A lack of input validation on filenames in an ace archive may allow a buffer overflo...
Adobe Acrobat contains a remotely exploitable buffer overflow
Overview A buffer overflow in Adobe Acrobat/Acrobat Reader may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition Description Adobe Acrobat is a suite of applications that allow users to manipulate PDF Portable Document Format files. A buffer within a core...
EMC Legato NetWorker uses weak AUTH_UNIX authentication
Overview EMC Legato NetWorker uses weak AUTHUNIX authentication, allowing a remote attacker to execute arbitrary commands, gain elevated privileges, or cause a denial of service. Description EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun...
Microsoft Agent vulnerable to trusted site spoofing
Overview Microsoft Agent contains a vulnerability that could allow a remote attacker to spoof trusted Internet content. Description Microsoft Agent is a software extension that enhances user interaction through the use of interactive personalities in the form of animated characters. Applications...
Cisco ACNS may be vulnerable to DoS via malformed IP packets
Overview A vulnerability in Cisco ACNS may allow a remote attacker to cause a denial of service on an affected device. Description Cisco Application and Content Networking System ACNS is an integrated caching and content-delivery platform. Specially crafted IP packets can cause excessive CPU...
RSA Authentication Agent for Web for IIS vulnerable to heap overflow via overly large "chunk"
Overview RSA Authentication Agent for Web for IIS contains a heap overflow in the handling of chunked input. This could allow a remote, unauthenticated attacker to execute arbitrary code on the server. Description RSA Authentication Agent software provides access control for networks, web...
Multiple web browsers vulnerable to spoofing via Internationalized Domain Name support
Overview Multiple web browsers are vulnerable to spoofing attacks through the use of Internationalized Domain Names. Other applications such as email programs may also be vulnerable. Description The Domain Name System The Domain Name System DNS provides name, address, and other information about...
McAfee Scan Engine vulnerable to buffer overflow in LHA decoder
Overview A buffer overflow vulnerability in the McAfee Virus Scan Engine may allow a remote attacker to execute arbitrary code on an affected system. Because the vulnerability exists in a core component, a number of different McAfee products are affected. Description The McAfee Antivirus products...
NotifyLink server provides inadequate protection for cryptographic key material
Overview The NotifyLink key exchange protocol contains a vulnerability that significantly reduces the strength of cryptographic keys used to encrypt mail messages. Description Notify Technology NotifyLink Enterprise Server allows users to synchronize e-mail between a PDA and a mail server. The...
OpenConnect Webconnect MS-DOS device name denial-of-service
Overview OpenConnect WebConnect may stop responding after processing an HTTP request with an MS-DOS device name in it. Description OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1...
Microsoft License Logging Service buffer overflow
Overview A vulnerability in a component of some server versions of Microsoft Windows could allow a remote attacker to execute code on a vulnerable system. Description Microsoft's License Logging Service LLS assists in the management of licenses for some Microsoft server products. An error in the...
Multiple implementations of LDAP Directory Server vulnerable to buffer overflow
Overview A buffer overflow in some implementations of the LDAP protocol may allow a remote unauthenticated attacker to execute arbitrary code. Description The Lightweight Directory Access Protocol LDAP is a protocol for accessing network based directories. A lack of bounds checking in some...
freeRADIUS Server vulnerable to a denial-of-service attack
Overview Multiple vulnerabilities in freeRADIUS Server may allow attackers to cause a denial-of-service condition. Description The Remote Authentication Dial In User Service RADIUS protocol is used for remote user authentication and accounting. freeRADIUS Server is an popular open-source RADIUS...
Oracle Database Server contains several vulnerabilities
Overview Several vulnerabilities exist in the Oracle Database Server and Listener. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system. Description Oracle Database 1...
Perl vulnerable to buffer overflow in win32_stat()
Overview A flaw in a standard function in some Perl distributions could allow an attacker to execute arbitrary code on the vulnerable system. Description The stat Perl function, similar to the standard C stat function, returns a list giving the status info for a file. Since the stat function is...
Gaim contains an integer overflow vulnerability when parsing DirectIM packets
Overview There is an integer overflow vulnerability in the handlehdrodc function, which could allow an unauthenticated, remote attacker to cause a denial of service or potentially execute arbitrary code. Description Gaim is a multi-protocol instant messenger client available for a number of...
Gaim fails to properly validate the "value" parameter in the Yahoo login webpage
Overview There is a buffer overflow vulnerability in the way the Gaim yahoologinpagehash function parses the "value" parameter in the Yahoo login webpage. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instant messaging...
Gaim contains a buffer overflow vulnerability in the http_canread() function
Overview There is a buffer overflow vulnerability in the Gaim httpcanread function, which could allow an unauthenticated, remote attacker to execute arbitrary code. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It provides a feature that allow...
BEA WebLogic Server internal methods may disclose sensitive information
Overview There is a vulnerability in BEA WebLogic Server that could allow users to obtain the credentials of the user who booted the server. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing...
Microsoft Windows ASN.1 library contains a memory management vulnerability
Overview Microsoft's ASN.1 library contains a memory management error that could be exploited by a remote attacker to cause a denial-of-service situation, or execute arbitrary code. Description Microsoft's ASN.1 library contains a memory management error, potentially a "double-free" condition. By...
Microsoft Windows XP creates tasks with elevated privileges
Overview Microsoft Windows XP contains a vulnerability in the way that tasks are created that may permit an authenticated user to launch applications with elevated privileges. Description Microsoft Windows creates tasks when a user launches an application. A vulnerability in the way that Windows ...
HP-UX shar utility creates files with predictable names in "/tmp" directory
Overview The shar program distributed with some versions of the HP-UX operating system creates files insecurely. This vulnerability could allow local users to gain escalated privilege on the system. Description shar is a program commonly available on UNIX systems to create a shell script that wil...
tcpdump contains vulnerability in ISAKMP decoding routine
Overview tcpdump contains a vulnerability in the way it decodes Internet Security Association and Key Management Protocol ISAKMP packets. Description tcpdump is a widely-used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way tcpdump parses specially...
Oracle command-line program buffer overflow in argument handling
Overview A buffer overflow in some command-line utilities supplied with the Oracle Database Server could allow a local user to gain the privileges of the oracle system user. Description The Oracle 9 i Database Server package includes the oracle and oracleO command-line client programs to connect ...
OpenSSL accepts unsolicited client certificate messages
Overview OpenSSL accepts unsolicited client certificate messages. This could allow an attacker to exploit underlying vulnerabilities in client certificate handling. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols and includes a general-purpos...
Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone
Overview There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...
RealNetworks Helix Universal Server vulnerable to buffer overflow when supplied an overly long string within the "Transport" field of a SETUP RTSP request
Overview The RealNetworks' Helix Universal Server supports delivery of several different media types via RTSP Real Time Streaming Protocol. Vulnerabilities have been discovered in the way it handles some RTSP requests. These vulnerabilities could allow a remote attacker to execute arbitrary code ...