Airodump-ng buffer overflow vulnerability

Overview The airodump-ng program, which is a part of the aircrack-ng suite, contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute code. Description The aircrack-ng suite is a group of related programs that can be used to recover W...

HP-UX sendmail vulnerable to denial of service

Overview HP-UX contains an unspecified vulnerability in sendmail, which may allow a remote, unauthenticated attacker to cause a denial of service. Description HP-UX systems running sendmail are vulnerable to an unspecified denial of service. According to HP technical document c00841370, the...

Microgaming Download Helper ActiveX control stack buffer overflow

Overview The Microgaming Download Helper ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microgaming provides software for online gaming, including online casinos. The Microgaming...

McAfee VirusScan Enterprise heap buffer overflow vulnerability

Overview The McAfee VirusScan progream contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to arbitrary execute code. Description McAfee VirusScan Enterprise includes an anti-virus, firewall, and host-based intrusion protection system. The on-demand...

Apple Macintosh OS X fails to properly mount WebDAV filesystems

Overview A vulnerability in the way that Apple Macintosh OS X mounts WebDAV filesystems could allow a local attacker to execute commands with elevated privileges. Description Web-based Distributed Authoring and Versioning WebDAV is a set of extensions to the HTTP protocol which allows collaborati...

Apple Macintosh OS X VideoConference SIP heap buffer overflow

Overview The Apple VideoConference framework contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute code. Description Apple's VideoConference framework is used in iChat and other applications to stream video. iChat uses SIP to make and receive...

Apple AFP Client privilege escalation vulnerability

Overview The Apple File Protocol AFP Client fails to properly clean its environment before executing commands. This vulnerability may allow a local attacker execute commands with elevated privileges. Description The Apple File Protocol service allows Apple Mac OS clients to access files remotely...

Google Reader cross-site request forgery vulnerability

Overview Google Reader is vulnerable to a persistent cross-site request forgery attack that may be exploited by a specially crafted RSS feed. Description Google Reader is an online RSS feed reader. It can display text and images when displaying RSS feeds.Google Reader contains a cross-site reques...

Oracle Database vulnerable to privilege escalation

Overview A vulnerability in Oracle Database for Microsoft Windows could allow a remote attacker to log on to the system with elevated privileges. Description A vulnerability exists in Oracle Database's Core Relational Database Management System RDBMS that may allow a remote attacker to log on to...

Second Sight Software ActiveMod ActiveX control stack buffer overflow

Overview The Second Sight Software ActiveMod ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Second Sight Software ActiveMod is a music player that is provided as an ActiveX control...

Second Sight Software ActiveGS ActiveX control stack buffer overflows

Overview The Second Sight Software ActiveGS ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Second Sight Software ActiveGS is an Apple IIGS emulator that is provided as an...

Microsoft Content Management Server fails to properly process crafted HTTP requests

Overview A vulnerability in the way Microsoft Content Managment Server handles HTTP requests may lead to execution of arbitrary code. Description Microsoft Content Managment Server CMS contains a vulnerability that could be exploited when it attempts to process specially crafted HTTP requests...

Akamai Download Manager ActiveX control buffer overflow

Overview The Akamai Download Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Akamai Download Manager is software designed to enhance the ability to download content. The Akamai...

The Wizz RSS Reader chrome access vulnerability

Overview The Wizz RSS Reader contains a vulnerability that may allow an attacker to take any action that Mozlla Firefox can. Description The Mozilla Firefox user interface components outside of the content area are created using chrome. This includes toolbars, menu bars, progress bars, and window...

Microsoft Windows DNS RPC buffer overflow

Overview The Microsoft DNS service Remote Procedure Call RPC implementation contains a stack buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code with SYSTEM privileges. Description The Microsoft Windows DNS service uses RPC to facilitate remote management. Th...

PhpWiki fails to properly restrict uploaded files

Overview PhpWiki fails to properly restrict uploaded files, which can allow a remote attacker to execute arbitrary commands on a vulnerable system. Description PhpWiki is Wiki software that is implemented in PHP. PhpWiki includes an "UpLoad" feature that allows users to upload files. Files with a...

HP Mercury Interactive Quality Center Spider Module ActiveX control stack buffer overflow

Overview The HP Mercury Interactive Quality Center Spider Module ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Mercury Interactive Quality Center includes an ActiveX control...

HP-UX ICMP vulnerable to DoS via ICMP Path Maximum Transmission Unit (PMTU) Discovery

Overview A vulnerability in HP-UX may allow a remote attacker to cause a denial of service by sending a specially crafted ICMP packet. Description A number of widely accepted Internet standards describe different aspects of the relationships between the Internet Control Message Protocol ICMP and...

Microsoft Windows Agent fails to properly process crafted URLs

Overview Microsoft Agent fails to properly handle specially crafted URLs, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Agent is software that provides animated characters to enhance interaction with computer systems...

Microsoft Windows Kernel vulnerable to privilege escalation

Overview The Microsoft Windows Kernel contains a privilege escalation vulnerability that may allow a local attacker to take control of the system. Description The Microsoft Windows Kernel fails to properly set permissions when mapping to a memory segment. By running a specially crafted applicatio...

Microsoft Windows Vista CSRSS privilege escalation vulnerability

Overview The Microsoft Windows Client/Server Run-time Subsystem CSRSS process fails to properly handle error messages. This vulnerability may allow an attacker to execute arbitrary code. Description The Microsoft Client/Server Run-time Subsystem CSRSS is an essential subsystem. CSRSS is responsib...

Microsoft Windows CSRSS error handling vulnerability

Overview The Microsoft Windows Client/Server Run-time Subsystem CSRSS process fails to properly handle error messages. This vulnerability may allow a remote attacker to execute arbitrary code. Description According to Microsoft Security Bulletin MS07-021:CSRSS is the user-mode portion of the Win3...

Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability

Overview The Yahoo! Messenger AudioConf ActiveX control contains a buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Messenger is an instant messaging application. Yahoo! Messenger includes several ActiveX...

Internet Pictures Corporation iPIX Image Well ActiveX controls contain buffer overflows

Overview The Internet Pictures Corporation iPIX Image Well ActiveX controls contain buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Internet Pictures Corporation has produced equipment and software to create 360...

Intel Centrino wireless drivers fail to properly process malformed frames

Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow an attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless adapters fail to...

AOL SuperBuddy ActiveX fails to properly validate method arguments

Overview The AOL SuperBuddy ActiveX control does not properly validate arguments to the LinkSBIcons method. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The AOL SuperBuddy ActiveX control Sb.SuperBuddy.1 is a compone...

MIT Kerberos 5 GSS-API library double-free vulnerability

Overview The GSS-API library provided with MIT krb5 contains a vulnerability that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability in the way the GSS-API library provided with MIT krb5 handles messages with an invalid...

SolidWorks sldimdownload ActiveX control fails to restrict access to methods

Overview The SolidWorks sldimdownload ActiveX control contains methods that can allow a remote, unauthenticated attacker to run arbitrary code on a vulnerable system. Description SolidWorks provides 3D CAD software solutions. The SolidWorks sldimdownload ActiveX control is provided by the file...

MIT Kerberos 5 administration daemon stack overflow in krb5_klog_syslog()

Overview The Kerberos administration daemon contains a buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the krb5klogsyslog function used by the Kerberos administration daemon handl...

MIT Kerberos 5 telnet daemon allows login as arbitrary user

Overview A vulnerability exists in the version of the telnet daemon included with the MIT Kerberos 5 distribution that may allow a remote, unauthorized attacker to log on to the system with elevated privileges. Description A vulnerability exists version of the telnet daemon included with the MIT...

CA Brightstor ARCserve Backup fails to properly process RPC requests

Overview The Computer Associates BrightStor ARCserve Backup contains a buffer overflow in the handling of RPC data that may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that integrates with other BrightStor Data...

Microsoft Windows animated cursor stack buffer overflow

Overview Microsoft Windows contains a stack buffer overflow in the handling of animated cursor files. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Animated cursor files .ani contain animated graphics for icons and...

IBM Lotus Domino LDAP server DN message heap buffer overflow

Overview The IBM Lotus Domino LDAP server is vulnerable to a heap buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description IBM Lotus Domino server software provides email, calendar, scheduling, and collaboration...

file integer overflow vulnerability

Overview The file program contains a vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description file is a program for Unix-like operating systems that is used to determine what type of data is contained in a file.file contains a buffer...

McAfee ePolicy Orchestrator and ProtectionPilot ActiveX control buffer overflow vulnerability

Overview A vulnerability in an ActiveX control provided with the McAfee ePolicy Orchestrator and ProtectionPilot software could allow a remote attacker to execute arbitrary code on an affected system. Description The McAfee ePolicy Orchestrator and ProtectionPilot are applications that are design...

InterActual Player SyscheckObject ActiveX controls contain stack buffer overflows

Overview InterActual Player provides multiple ActiveX controls that are vulnerable to buffer overflows. This can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems...

NETxAutomation NETxEIB OPC Server fails to properly validate OPC server handles

Overview The NETxAutomation NETxEIB OPC Server contains a vulnerability that may allow a remote attacker to execute arbitary code or cause a denial-of-service. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the process control and...

Takebishi Electric DeviceXPlorer OPC Server fails to properly validate OPC server handles

Overview The Takebishi Electric DeviceXPlorer OPC server contains a vulnerability that may allow a remote attacker to execute arbitary code or cause a denial-of-service. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the process control...

CA BrightStor ARCserver Tape Engine memory corruption vulnerability

Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a memory corruption vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description BrightStor ARCserve Backup is a...

CA BrightStor ARCserver Tape Engine denial-of-service vulnerability

Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a vulnerability. If successfully exploited, this vulnerability may allow a remote attacker to shut down the tape engine interface. Description BrightStor ARCserve Backup is a backup and data retention tool that...

Apple Mac OS X fails to properly handle crafted AppleSingleEncoding disk images

Overview A vulnerabilty in the Apple Mac OS X AppleSingleEncoding disk image handler may allow execution of arbitrary code or denial of service. Description Apple Mac OS X contains a vulnerability that may be exploited when a user mounts a specially crafted AppleSingleEncoding disk image file...

OpenBSD IPv6 kernel buffer overflow vulnerability

Overview A vulnerability in the OpenBSD kernel could allow a remote attacker to execute arbitrary code on a vulnerable system or cause the system to crash. Description The OpenBSD kernel contains a flaw in its handling of kernel memory buffers when processing IPv6 packets. This flaw results in a...

Apple Mac OS X DMG UFS byte_swap_sbin() function Integer Overflow

Overview The Apple Mac OS X byteswapsbin function contains an integer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description DMG files are disk images that can contain a variety of...

Apple ColorSync buffer overflow vulnerability

Overview Apple ColorSync contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description ColorSync is Apple's color management API. OS X applications and devices can use ColorSync profiles to determine how colors in images should be interpreted.ColorSync...

Apple Mac OS X ImageIO memory corruption vulnerability

Overview Apple's ImageIO framework contains an memory corruption vulnerability that may allow an attacker to execute code on a vulnerable system. Description The RAW Image file format is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows application...

Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries

Overview A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. Description Apple Mac OS X uses the Mach-O file format's ability to support more than one type of machine code to create Mac OS X Universa...

Mac OS X kernel "fpathconf()" syscall fails to properly handle unknown file types

Overview A vulnerability in the Mac OS X kernel could allow an authenticated local attacker to cause a denial of service. Description The fpathconf system call provides a method for applications to determine the current value of a configurable system limit or option variable associated with a fil...

Apple Mac OS X DirectoryService may allow arbitrary users to change the root password

Overview A vulnerabilty in the Apple Mac OS X DirectoryService may allow unprivileged users to change the root password. Description The Apple Mac OS X DirectoryService contains a vulnerability that may allow unprivileged LDAP users to change the local root password. According to Apple security...

Apple Mac OS X ImageIO integer overflow vulnerability

Overview Apple's ImageIO framework contains an integer overflow vulnerability that may allow an attacker to execute code on a vulnerable system. Description Graphics Interchange Format GIF is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows...

Apple QuickDraw Manager heap buffer overflow vulnerability

Overview Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to Mac OS X as their standa...