IPv6 Type 0 Route Headers allow sender to control routing

Overview IPv6 Type 0 Route Headers allow the sender to control packet routing. This vulnerability may allow an attacker to cause a denial-of-service condition. Description Routing header options provided by IPv6 allow packet senders to indicate specific nodes through which the packet should trave...

Macrovision FLEXnet Connect Software Manager DWUpdateService ActiveX control contains dangerous methods

Overview The Macrovision FLEXnet Connect Software Manager DWUpdateService ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Description Macrovision FLEXnet Connect is a software package...

Logitech VideoCall multiple ActiveX controls contain stack buffer overflows

Overview Logitech VideoCall ActiveX controls contain multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Logitech VideoCall is video conferencing software for Windows. Logitech VideoCall includes...

Authentium Command Antivirus odapi.dll multiple ActiveX buffer overflows

Overview Authentium Command Antivirus contains multiple ActiveX vulnerabilities, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Authentium Command Antivirus provides multiple ActiveX controls. Many of the ActiveX controls provided ...

Mozilla Layout Engine memory corruption vulnerabilities

Overview The Mozilla layout engine contains multiple vulnerabilities that may lead to memory corruption. These vulnerabilities may allow an attacker to execute code or cause a denial-of-service condition. Description The Mozilla Layout Engine contains an multiple vulnerabilities that may result i...

Mozilla products vulnerable to memory corruption in the JavaScript engine

Overview A vulnerability in the Mozilla JavaScript engine may allow execution of arbitrary code or denial of service. Description The Mozilla JavaScript engine contains an unspecified vulnerability that may result in memory corruption. The impact of this memory corruption is unclear. According to...

Apple QuickTime for Java security bypass vulnerability

Overview Apple QuickTime for Java fails to properly restrict the instantiation and manipulation of Java objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTim...

Sun Java System Web Proxy Server fails to properly process malformed packets

Overview A vulnerability in the way Sun Java System Web Proxy Server processes malformed packets may allow execution of arbitrary code. Description SOCKS is a network protocol that provides a framework that allows client-server applications to securely use network firewall services. A vulnerabili...

Apple QuickTime for Java information disclosure vulnerability

Overview Apple QuickTime for Java fails to properly clear memory. As a result, sensitive information may be exposed to unintended parties. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This feature is known as QuickTime for Java. Apple...

Media Technology Group CDPass ActiveX control stack buffer overflows

Overview The Media Technology Group CDPass ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Media Technology Group CDPass is software that provides bonus content for music CDs...

British Telecommunications Business Connect webhelper ActiveX control buffer overflows

Overview The British Telecommunications Business Connect webhelper ActiveX control contains multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The registration process for British Telecommunications BT intern...

British Telecommunications Consumer webhelper ActiveX control buffer overflows

Overview The British Telecommunications Consumer webhelper ActiveX control contains multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The registration process for British Telecommunications BT internet...

Avast! antivirus buffer overflow vulnerability

Overview Avast! antivirus contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute code a vulnerable system. Description Avast! antivirus is an antivirus application that can scan different types of files. The Symbian Installer Format SIS file format is used b...

Zenturi ProgramChecker ActiveX buffer overflow vulnerabilities

Overview Zenturi ProgramChecker contains multiple ActiveX buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Zenturi ProgramChecker is a set of "... easy to use tools to analyze, validate, authenticate and research th...

Apple Mac OS X iChat UPnP buffer overflow

Overview A vulnerabilty in the way Apple Mac OS X iChat handles specially crafted UPnP packets may allow execution of arbitrary code or denial of service. Description Apple iChat contains a vulnerability that could be exploited by an attacker on the local network when it attempts to handle...

Apple Mac OS X mDNSResponder buffer overflow vulnerability

Overview Apple Mac OS X mDNSresponder contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description mDNS uses IP multicast with DNS to provide the functionality of a DNS server for service discovery in networks that do not have a DNS server...

RSA BSAFE libraries denial of service vulnerability

Overview The RSA BSAFE Crypto-C and Cert-C libraries contain a denial-of-service vulnerability. Description RSA BSAFE products include software libraries that developers can use to implement cryptography in their applications. The RSA BSAFE Crypto-C and Cert-C libraries contain a denial-of-servic...

LEAD Technologies JPEG 2000 ActiveX control buffer overflow

Overview The LEAD Technologies JPEG 2000 ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description LEAD Technologies provides imaging software for Windows. The LEAD JPEG 2000 ActiveX control, which ...

OPeNDAP filesystem enumeration vulnerability

Overview The OPeNDAP server version 4 contains a file enumeration vulnerability. This vulnerability may allow an attacker to enumerate filesystem contents. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in different formats. The most rece...

OPeNDAP arbitrary command execution vulnerability

Overview The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in...

libpng denial of service vulnerability

Overview The libpng library contains a denial-of-service vulnerability. Description The libpng library can be used to allow other applications to render PNG images.The libpng library contains a denial-of-service vulnerability. From the Libpng-1.2.16-ADVISORY: This vulnerability could be used to...

Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control stack buffer overflow

Overview The Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec Norton Internet Security is a software package for Windows...

Samba command injection vulnerability

Overview Samba fails to properly filter input to /bin/sh. This vulnerability may allow a remote, authenticated attacker to execute arbitrary code on a Samba server. Description Samba provides file and print services for Microsoft Windows, Unix, Linux, and OS X clients. Samba can also act as a...

HTTP content scanning systems full-width/half-width Unicode encoding bypass

Overview Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. Description Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP...

Samba NDR MS-RPC heap buffer overflow

Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...

Computer Associates AntiVirus InoTask buffer overflow vulnerability

Overview Computer Associates AntiVirus for the Enterprise and Threat Manager products contain a buffer overflow vulnerability that may be exploited by local users to execute code with elevated privileges. Description Computer Associates eTrust Antivirus v8 includes a component called InoTask...

Computer Associates eTrust AntiVirus Server buffer overflow

Overview Computer Associates eTrust AntiVirus Server contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code, or create a denial of service condition. Description Computer Associates eTrust AntiVirus Server is an antivirus product distributed b...

Microsoft Windows Media Services NMSA Session Description Object ActiveX control contains dangerous methods

Overview The Microsoft Windows Media Services NMSA Session Description Object ActiveX control fails to restrict access to dangerous methods. This vulnerability could allow a remote attacker to execute arbitrary code on an affected system. Description Microsoft Windows Media Services is a software...

Trend Micro ServerProtect SpntSvc buffer overflow vulnerability

Overview Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The...

Microsoft Word fails to properly parse crafted rich text content

Overview Microsoft Word fails to properly parse rich text content and may allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Word does not properly validate rich text within the contents of a file. When Word opens and parses a specially crafted file, memory...

Trend Micro ServerProtect EarthAgent buffer overflow vulnerability

Overview Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The...

Microsoft Exchange Outlook Web Access UTF character set label script injection vulnerability

Overview Microsoft Exchange Outlook Web Access OWA fails to properly handle the UTF character set label, which can allow a remote, unauthenticated attacker to execute script within the security context of the OWA user. Description OWA allows users to access their email accounts on a Microsoft...

Research In Motion TeamOn Import Object ActiveX control buffer overflow

Overview The Research In Motion TeamOn Import Object ActiveX control contains a buffer overflow, which could allow an attacker to execute arbitrary code on a vulnerable system. Description The Research In Motion TeamOn Import Object is an ActiveX control, which is provided by the file TOImport.dl...

Microsoft Office drawing object vulnerability

Overview Microsoft Office fails to properly handle malformed drawing objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Office fails to properly handle malformed drawing objects embedded within Office documents. By convincing ...

Microsoft Word fails to properly process crafted array data

Overview Microsoft Word contains a remote code execution vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Word fails to properly handle malformed data within an array. When a Word file is opened, Word...

Microsoft Exchange Server fails to properly decode MIME email messages

Overview Microsoft Exchange Server contains a remote code execution vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Exchange Server fails to properly process MIME messages. When an email message...

Microsoft Cryptographic API Component Object Model Certificates ActiveX control contains a remote code execution vulnerability

Overview Microsoft Cryptographic API Component Object Model CAPICOM Certificates ActiveX control contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Cryptographic API Component Object Model CAPICOM Certificates ActiveX...

Microsoft Excel fails to properly process files with crafted filter records

Overview A vulnerability in Microsoft Excel could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to validate certain filter records contained in Excel documents. This flaw results in an unspecified memory corruption vulnerability that...

Axis Communications CamImage ActiveX control stack buffer overflow

Overview The Axis Communications CamImage ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to run arbitrary code on a vulnerable system. Description Axis Communications provides an ActiveX control for viewing motion JPEG streams in Microsoft...

LiveData Protocol Server fails to properly handle requests for WSDL files

Overview The LiveData Protocol Server fails to properly handle requests. This vulnerability may allow a remote attacker to execute arbitrary code. Description The LiveData Protocol Server is real-time data acquisition and processing software used to record and transmit data among process control...

ISC BIND denial of service vulnerability

Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. BIND version 9.4.0...

Cisco ASA clientless SSL VPN denial of service vulnerability

Overview The Cisco ASA firewall's SSL VPN component contains an denial-of-service vulnerability. Description The Cisco Adaptive Security Appliance ASA is firewall that includes routing, intrusion prevention system IPS, and VPN components. The clientless SSL VPN allows remote users with a web...

LiveData Server fails to properly handle Connection-Oriented Transport Protocol packets

Overview The LiveData Server fails to handle malformed Connection-Oriented Transport Protocol COTP packets. This vulnerability may allow a remote attacker to crash the LiveData Server. Description The LiveData Server records and transmits data between two or more control systems. The...

Cisco ASA fails to properly process DHCP relay packets

Overview The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled. Description The Cisco Adaptive Security Appliance ASA is firewall that includes routing and intrusion prevention system IPS features. DHCP relay allows...

Cisco PIX and ASA authentication bypass vulnerability

Overview The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. Description The Cisco Adaptive Security Appliance ASA is firewall that includes routing and...

Apple QuickTime for Java QTPointerRef heap memory corruption vulnerability

Overview Apple QuickTime for Java contains a heap memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This...

OPeNDAP code execution vulnerability

Overview OPeNDAP server version 3 contains a vulnerability that allows an attacker to execute comands on the server. Description From the OPenNDAP website:OPeNDAP provides software which makes local data accessible to remote locations regardless of local storage format. OPeNDAP also provides tool...

Cisco NetFlow Collection Engine contains known default passwords

Overview A vulnerability in the Cisco NetFlow Collection Engine could allow a remote attacker to gain access to a vulnerable system. Description The Cisco Network Services CNS NetFlow Collection Engine NFC is a software package for supported UNIX platforms and is used to collect and monitor NetFl...

IncrediMail IMMenuShellExt ActiveX control stack buffer overflow vulnerability

Overview The IncrediMail IMMenuShellExt ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description IncrediMail is an email application that includes animations and 1000's of emoticons...

CA BrightStor ARCserve Backup Media Server RPC service buffer overflows

Overview The CA BrightStor ARCserve Backup Media Server contains multiple buffer overflows in the RPC service, which can allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Description BrightStor ARCserve Backup is a backup and data retention tool that...