3695 matches found
Mozilla products vulnerable to memory corruption in the browser engine
Overview A number of vulnerabilities in the Mozilla browser engine may allow the execution of arbitrary code or denial of service. Description The Mozilla browser engine contains several vulnerabilities that may result in memory corruption. The impact of this memory corruption in specific cases i...
Mozilla products vulnerable to memory corruption in the JavaScript engine
Overview A number of vulnerabilities in the Mozilla JavaScript engine may allow the execution of arbitrary code or denial of service. Description The Mozilla JavaScript engine contains several vulnerabilities that may result in memory corruption. The impact of this memory corruption in specific...
Mozilla XUL web applications may hide the titlebar
Overview Mozilla's XUL contains a vulnerability that may allow a web application to cover an active window's titlebar. Description XUL is Mozilla's XML-based user interface language. XUL can be used to create Mozilla applications, extensions, and web applications. From Mozilla Foundation Security...
Cisco IOS LPD buffer overflow vulnerability
Overview The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description The Cisco IOS includes support for the UNIX Line Printer Daemon...
Electronic Arts SnoopyCtrl ActiveX control and plug-in stack buffer overflows
Overview The Electronic Arts SnoopyCtrl ActiveX control and plug-in contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Electronic Arts EA.com provides an ActiveX control and Netscape-style...
Sun Java JRE vulnerable to unauthorized network access
Overview The Sun Java Runtime Environment (JRE) contains a vulnerability that may allow unintended access to network resources. Description The Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for multiple...
Google Gmail cross-site request forgery vulnerability
Overview According to public reports, Google Gmail contained a cross-site request forgery (XSRF) vulnerability that allowed attackers to create email filters that could forward mail and attachments to arbitrary email addresses. Description Google Gmail is a web-based mail service. Gmail provides...
Microsoft MFC FindFile function heap buffer overflow
Overview A buffer overflow vulnerability in the Microsoft Foundation Class (MFC) Library could allow an attacker to execute arbitrary code on an affected system. Description The Microsoft Foundation Class (MFC) Library is a Microsoft library that wraps parts of the Windows API in C++ classes. The MFC...
PhotoChannel Networks Photo Upload Plugin ActiveX control stack buffer overflows
Overview The PhotoChannel Networks Photo Upload Plugin ActiveX control contains multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description PNI Digital Media, which is a division of PhotoChannel Networks, provides pho...
Apple QuickTime remote command execution vulnerability
Overview Apple QuickTime contains a vulnerability that may allow an attacker to pass arbitrary commands to other applications. Description Apple QuickTime is a media player that is available for Microsoft Windows and Apple OS X. Apple QuickTime includes browser plugins for Internet Explorer,...
Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow
Overview The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Callisto PhotoParade Player includes an ActiveX control called PhPinfo. The ActiveX control...
Microsoft Windows Services for UNIX privilege escalation vulnerability
Overview Microsoft Windows Services for UNIX contains a vulnerability that may allow a local, authenticated attacker to gain elevated privileges. Description Windows Services for UNIX fails to properly handle setuid binary files. An attacker may be able to trigger this vulnerability by running a...
Microsoft Agent fails to properly handle specially crafted URLs
Overview Microsoft Agent fails to properly handle specially crafted URLs, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Agent is software that provides animated characters to enhance interaction with computer systems...
Web sites may transmit authentication tokens unencrypted
Overview Web services that rely on cookies for authentication may be vulnerable to an authentication bypass vulnerability. Some web sites transmit authentication material (often cookies) without encrypting the entire session, even when the authentication material is initially set over an encrypted...
VUPlayer malformed playlist buffer overflow
Overview VUPlayer fails to properly handle malformed playlists. This vulnerability may allow a remote attacker to execute arbitrary code. Description VUPlayer is a freeware audio player for the Microsoft Windows platform. It can play various types of media files, such as MP3s. A Playlist .PLS or...
Earth Resource Mapping NCSView ActiveX control stack buffer overflows
Overview The Earth Resource Mapping NCSView ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Earth Resource Mapping NCSView ActiveX control, which is provided by...
Cisco Adaptive Security Appliance insecurely logs passwords
Overview The Cisco Adaptive Security Appliance (ASA) firewall may log user credentials, including passwords, as plain text when AAA authentication is enabled. Description The Cisco Adaptive Security Appliance (ASA) is a firewall with Intrusion Protection System (IPS), Stateful Packet Inspection (SPI), a...
Intuit QuickBooks Online Edition ActiveX control stack buffer overflows
Overview The Intuit QuickBooks Online Edition ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that functions withi...
Intuit QuickBooks Online Edition ActiveX control fails to properly restrict access to methods
Overview The Intuit QuickBooks Online Edition ActiveX control fails to properly restrict access to dangerous methods, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that is implemented a...
Broderbund Expressit 3DGreetings Player ActiveX control buffer overflows
Overview The Broderbund Expressit 3DGreetings Player ActiveX control contains multiple buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The 3DGreetings Player is an ActiveX control that displays 3D greeting cards...
MIT Kerberos 5 kadmind privilege escalation vulnerability
Overview MIT Kerberos kadmind contains a privilege escalation vulnerability that may allow an authenticated attacker to execute code with root privileges. Description Kerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It ...
MIT Kerberos 5 kadmind buffer overflow vulnerability
Overview An unspecified vulnerability in MIT Kerberos kadmind server may allow an attacker to execute arbitrary code. Description Kerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It is designed to provide strong...
Move Networks Quantum Streaming Player ActiveX stack buffer overflows
Overview The Move Networks Quantum Streaming Player ActiveX controls contain multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Move Networks Quantum Streaming Player is an ActiveX video player for use ...
Quiksoft EasyMail SMTP ActiveX control stack buffer overflow vulnerabilities
Overview The Quiksoft EasyMail SMTP ActiveX control contains multiple stack buffer overflow vulnerabilities, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Quiksoft EasyMail Objects is a set of ActiveX controls that provides emai...
MSN Messenger and Windows Live Messenger webcam stream heap overflow
Overview MSN Messenger fails to properly handle webcam streams, which may allow a remote attacker to execute arbitrary code. Description MSN Messenger is an instant messaging application. Starting with version 8, MSN Messenger was renamed to Windows Live Messenger. Windows Live Messenger and some...
Oracle JInitiator ActiveX control stack buffer overflows
Overview The Oracle JInitiator ActiveX control contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle JInitiator allows users to run Oracle Developer Server applications within a web...
BIND version 8 generates cryptographically weak DNS query identifiers
Overview ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Description The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). Version 8 of the BIND...
Trend Micro ServerProtect Integer Overflow Vulnerability
Overview Trend Micro ServerProtect contains an integer overflow vulnerability that may allow a remote attacker to execute arbitrary code. Description Trend Micro ServerProtect is an anti-virus application designed to run on Microsoft Windows servers. The application provides administrators with...
Trend Micro ServerProtect Agent service RPC stack-buffer overflow
Overview Trend Micro ServerProtect Agent service fails to properly handle RPC requests. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Trend Micro ServerProtect Agent service handles Remote Procedure Calls (RPC) using port 3628/tcp. Th...
Trend Micro ServerProtect RPC buffer overflows
Overview The Trend Micro ServerProtect fails to properly handle RPC requests. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Microsoft Windows servers. Trend...
Yahoo! Installer Plugin for Widgets ActiveX control stack buffer overflow
Overview The Yahoo! Installer Plugin for Widgets ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Widgets is a program for Windows that allows the user to run applications call...
Yahoo! Messenger webcam stream heap overflow
Overview Yahoo! Messenger fails to properly handle webcam streams, which may allow a remote attacker to execute arbitrary code. Description Yahoo! Messenger is an instant messaging application that is available for Windows, Mac, Unix, web, and mobile systems. Some versions of Yahoo! Messenger, suc...
Microsoft Windows Vista Weather Gadget vulnerability
Overview The Windows Vista Weather gadget contains a vulnerability that may allow an attacker to execute code. Description From Microsoft Security Bulletin MS07-048: Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets similar to t...
GIMP integer overflow vulnerability
Overview GIMP contains a vulnerability that may allow a remote attacker to execute code, or create a denial-of-service condition. Description The Photoshop Document (PSD) format is the native file format used by Adobe Photoshop. The GNU Image Manipulation Program (GIMP) can open and manipulate .psd...
Microsoft Windows Vista Contacts Gadget vulnerability
Overview The Windows Vista Contacts gadget contains a vulnerability that may allow an attacker to execute code. Description From Microsoft Security Bulletin MS07-048: Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets similar to t...
Microsoft Windows Vista Feed Headlines Gadget vulnerability
Overview The Windows Vista Feed Headlines gadget contains a vulnerability that may allow an attacker to execute code. Description From Microsoft Security Bulletin MS07-048: Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets simil...
Microsoft Windows VML compressed content integer underflow
Overview Microsoft Windows VML fails to properly handle compressed content, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft IE version 5.0 and higher supports the Vector Markup Language (VML), which is a set of XML tags for...
Microsoft GDI Windows Metafile AttemptWrite integer overflow
Overview Microsoft Windows GDI contains an integer overflow in the handling of Windows metafiles, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows GDI (Graphics Device Interface) enables applications to use graphics a...
IBM and Lenovo Access Support acpRunner ActiveX control format string vulnerability
Overview The IBM Lenovo Access Support acpRunner ActiveX control contains a format string vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...
Apache Tomcat fails to properly handle cookies containing single quotes
Overview Apache Tomcat fails to properly handle cookies that contain a single quote, which may allow session hijacking. Description Apache Tomcat is an implementation of the Java Servlet and JavaServer Page (JSP) technologies. Apache Tomcat incorrectly treats a single quote as a cookie delimiter...
IBM and Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures
Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...
Microsoft XML Core Services XMLDOM substringData() buffer overflow
Overview Microsoft XML Core Services contains an unspecified memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft XML Core Services (MSXML) allow developers who use JScript, Visual Basic Scripting...
Motive Communications ActiveUtils EmailData ActiveX control stack buffer overflows
Overview The Motive Communications ActiveUtils EmailData ActiveX control contains multiple stack buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description Motive Communications ActiveUtils is a software package used by multiple ISPs to provide...
IBM and Lenovo Access Support acpRunner ActiveX control fails to restrict access to methods
Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes severa...
InterActual Player IAKey ActiveX control stack buffer overflow
Overview The InterActual Player IAKey ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...
InterActual Player IAMCE ActiveX control stack buffer overflow
Overview The InterActual Player IAMCE ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...
Microsoft DirectX Media 6.0 Live Picture Corporation DirectTransform FlashPix ActiveX control buffer overflow
Overview The Live Picture Corporation DirectTransform FlashPix ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft DirectX Media 6.0 SDK includes an ActiveX control that is...
Cisco IOS fails to properly handle Next Hop Resolution Protocol packets
Overview Cisco IOS fails to properly handle Next Hop Resolution Protocol packets, which could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description Cisco IOS is an operating system that is used on Cisco network devices. Cisco IOS supports a...
Atheros wireless network drivers may fail to properly handle malformed frames
Overview Atheros wireless drivers fail to properly handle malformed wireless frames. This vulnerability may allow a remote, unauthenticated attacker to create a denial-of-service condition. Description Some versions of the Microsoft Windows drivers for Atheros 802.11 a/b/g wireless adapters fail ...
RSA key reconstruction vulnerability
Overview Various implementations of RSA may contain a vulnerability that could allow an attacker to retrieve encryption keys. Description Some implementations of RSA may contain a vulnerability that could allow a local attacker to retrieve encryption keys. OpenSSL is a widely used open source...