3704 matches found
OpenBSD IPv6 kernel buffer overflow vulnerability
Overview A vulnerability in the OpenBSD kernel could allow a remote attacker to execute arbitrary code on a vulnerable system or cause the system to crash. Description The OpenBSD kernel contains a flaw in its handling of kernel memory buffers when processing IPv6 packets. This flaw results in a...
Apple Mac OS X DMG UFS byte_swap_sbin() function Integer Overflow
Overview The Apple Mac OS X byteswapsbin function contains an integer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description DMG files are disk images that can contain a variety of...
Apple Mac OS X ImageIO integer overflow vulnerability
Overview Apple's ImageIO framework contains an integer overflow vulnerability that may allow an attacker to execute code on a vulnerable system. Description Graphics Interchange Format GIF is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows...
Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries
Overview A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. Description Apple Mac OS X uses the Mach-O file format's ability to support more than one type of machine code to create Mac OS X Universa...
Apple Mac OS X DirectoryService may allow arbitrary users to change the root password
Overview A vulnerabilty in the Apple Mac OS X DirectoryService may allow unprivileged users to change the root password. Description The Apple Mac OS X DirectoryService contains a vulnerability that may allow unprivileged LDAP users to change the local root password. According to Apple security...
Apple ColorSync buffer overflow vulnerability
Overview Apple ColorSync contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description ColorSync is Apple's color management API. OS X applications and devices can use ColorSync profiles to determine how colors in images should be interpreted.ColorSync...
Apple QuickDraw Manager heap buffer overflow vulnerability
Overview Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to Mac OS X as their standa...
Mac OS X kernel "fpathconf()" syscall fails to properly handle unknown file types
Overview A vulnerability in the Mac OS X kernel could allow an authenticated local attacker to cause a denial of service. Description The fpathconf system call provides a method for applications to determine the current value of a configurable system limit or option variable associated with a fil...
Apple Mac OS X ImageIO memory corruption vulnerability
Overview Apple's ImageIO framework contains an memory corruption vulnerability that may allow an attacker to execute code on a vulnerable system. Description The RAW Image file format is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows application...
Apple CrashDump privilege escalation
Overview CrashReporter contains a privilege escalation vulnerability that may allow authenticated users to run commands as root. Description CrashReporter is a debugging facility in Apple OS X that logs information program crashes.CrashReporter contains a privilege escalation vulnerability. This...
Linux Kernel vulnerable to DoS via the ipv6_getsockopt_sticky() function
Overview The Linux Kernel contains a vulnerability that may allow a remote attacker to create a denial-of-service condition. Description Internet Protocol version 6 IPv6 is a IP standard that is designed to replace the Internet Protocol version 4 IPv4. The Linux kernel provides IPv6 support, and...
Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures
Overview Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures. This vulnerability may allow an attacker to cause a denial-of-service condition. Description Hierarchical File System HFS+ is a file system that supports files that use 32-bit block addresses and Unicode file a...
Novell Netmail WebAdmin buffer overflow vulnerability
Overview Novell NetMail contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Novell NetMail is an email and messenging software package developed by Novell. It is designed to offer mail and calendaring services to large groups of users.WebAdmi...
Mozilla Network Security Services (NSS) fails to properly handle the client master key
Overview A vulnerability in the way Mozilla Network Security Services NSS handles the client master key may lead to execution of arbitrary code. Description The SSLv2 protocol uses a client master key to generate all subsequent session keys. The validity of the client master key is determined...
Mozilla Network Security Services (NSS) fails to properly process malformed SSLv2 server messages
Overview A vulnerability in the way Mozilla Network Security Services NSS handles malformed SSLv2 server messages may lead to execution of arbitrary code. Description The SSLv2 protocol uses a client master key to generate all subsequent session keys. The client master key is created using a publ...
Microsoft Windows fails to properly handle malformed OLE documents
Overview A vulnerability exists in a Microsoft Windows library that is used to handle OLE documents. The complete impact of this vulnerability is not clear, but may include the execution of arbitrary code as well as a denial of service. Description Microsoft OLE documents include summary...
Apple QuickTime QTIF heap buffer overflow
Overview Apple QuickTime is vulnerable to a heap buffer overflow which may allow an attacker to execute arbitrary code or crash the system. Description A vulnerability exists in the way Apple QuickTime handles specially crafted QuickTime Image QTIF files. According to Apple QuickTime 7.1.5 securi...
Apple QuickTime QTIF stack buffer overflow
Overview A vulnerabilty in the way Apple QuickTime processes QTIF files may allow execution of arbitrary code. Description A vulnerability exists in the way Apple QuickTime handles specially crafted QuickTime Image QTIF files. According to Apple QuickTime 7.1.5 security document 305149:A stack...
Apple QuickTime movie heap buffer overflow vulnerability
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...
Apple QuickTime fails to properly process specially crafted MIDI files
Overview The Apple Quicktime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...
Apple QuickTime PICT heap buffer overflow
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to OS X as their...
Apple QuickTime UDTA atom integer overflow
Overview Apple QuickTime contains an integer overflow in handling UDTA atoms, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime User Data UDTA Atoms allow a user to "... define and store data associated with a QuickTim...
Apple QuickTime 3GP integer overflow
Overview A vulnerabilty in the way Apple QuickTime processes 3GP files may allow execution of arbitrary code. Description A vulnerability exists in the way Apple QuickTime handles specially crafted 3GP files. According to Apple QuickTime 7.1.5 security document 305149:An integer overflow exists i...
Apple QuickTime QTIF integer overflow
Overview A vulnerability in Apple QuickTime's handling of files in the QTIF format could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple's QuickTime is a player for files and streaming media in a variety of different formats, including QuickTime Image...
WordPress fails to properly sanitize input passed to the iz parameter in wp-includes/theme.php
Overview WordPress fails to properly sanitize input to the iz parameter in wp-includes/theme.php, which could allow a remote, unauthenticated attacker to execute arbitrary commands. Description WordPress is a blogging application that is written in PHP. WordPress 2.1.1 fails to properly sanitize...
Asterisk null pointer dereference remote pre-authentication DoS vulnerability
Overview Asterisk contains a null pointer dereference vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition on a vulnerable system. Description Asterisk is a popular PBX application with VoIP support. Asterisk contains a null pointer dereference...
WordPress fails to properly sanitize input passed to the ix parameter in wp-includes/feed.php
Overview WordPress fails to properly sanitize input to the ix parameter in wp-includes/feed.php, which could allow a remote, unauthenticated attacker to execute arbitrary PHP code. Description WordPress is a blogging application that is written in PHP. WordPress 2.1.1 fails to properly sanitize...
EMC NetWorker Management Console weak authentication vulnerability
Overview A vulnerability in the authentication mechanism used by the Legato NetWorker Management Console may allow an attacker to execute arbitrary commands. Description The EMC NetWorker formerly Legato NetWorker family of products provides solutions for backup and recovery of data. It includes...
Citrix Presentation Server Client vulnerable to arbitrary code execution
Overview A vulnerability in the Citrix Presentation Server Client could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Independent Computing Architecture ICA is an application server protocol used by Citrix products. The Citrix Presentation Server Client for...
Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication
Overview A vulnerabilty in Cisco Catalyst Systems that have a Network Analysis Module NAM installed may allow a remote, unauthenticated attacker to gain complete control of this device. Description Cisco Catalyst 6000, 6500, and Cisco 7600 series switches may utilize Cisco's NAM to monitor and...
Symantec Mail Security for SMTP arbitrary code execution vulnerability
Overview Symantec Mail Security for SMTP contains a vulnerability that may allow an attacker to execute arbitrary code, or create a denial of service condition. Description Symantec Mail Security for SMTP is an antispam, antivirus, and content filtering software package that scans email. Symantec...
HP Mercury products vulnerable to buffer overflow
Overview Some HP Mercury products are vulnerable to a buffer overflow and may allow an attacker to execute arbitrary code. Description The magentproc.exe service provided with some HP Mercury products fails to properly parse values in the serveripname field. If an overly long value is sent in thi...
Mozilla layout engine contains multiple vulnerabilities
Overview The Mozilla layout engine contains multiple memory corruption vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, or create a denial of service condition. Description The Mozilla Foundation supports several Open Source projects, including the Mozilla,...
Apple iChat fails to properly handle crafted TXT key hashes
Overview A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Description Apple iChat is an instant message client for Apple Mac OS X. Apple iChat Agent is a back-end process that manages iChat sessions and available contacts. Apple...
Mozilla Firefox SVG viewer vulnerable to integer overflow
Overview The Mozilla SVG viewer contains an integer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description Scalable Vector Graphics SVG is an XML markup language for describing and displaying animated or...
Mozilla JavaScript engine vulnerable to memory corruption
Overview The Mozilla JavaScript engine contains multiple memory corruption vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, or create a denial of service condition. Description The Mozilla Foundation supports several Open Source projects, including the...
SupportSoft ActiveX controls contain multiple buffer overflows
Overview The SupportSoft ActiveX controls contain multiple buffer overflow vulnerabilities, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SupportSoft provides multiple ActiveX packages that are used by third party vendors to...
Mozilla Firefox fails to properly handle JavaScript onUnload events
Overview Mozilla Firefox does not properly handle JavaScript onUnload events. This vulnerability may lead to memory corruption that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The JavaScript onUnload event is executed when the brows...
Macrovision FLEXnet Connect / InstallShield Update Service Agent ActiveX buffer overflows
Overview The Macrovision / InstallShield Update Service Web Agent ActiveX control contains buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description The InstallShield Update Service, now known as Macrovision FLEXnet Connect, contains an ActiveX...
Google Desktop vulnerable to cross-site scripting
Overview A cross-site scripting vulnerability exists in the Google Desktop Search application. This vulnerability may allow an attacker to take any action on a vulnerable system that the Google Desktop Search can. Description Google Desktop Search is a desktop search program that is integrated in...
Macrovision / InstallShield InstallFromTheWeb buffer overflows
Overview Macrovision / InstallShield InstallFromTheWeb contains multiple buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description InstallShield InstallFromTheWeb is a web-based software installation product for Microsoft Windows systems...
VeriSign Managed PKI Configuration Checker ActiveX control stack buffer overflow
Overview The VeriSign Configuration Checker ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The VeriSign Configuration Checker ActiveX control is provided by web-based digital...
Trend Micro ServerProtect CMON_NetTestConnection() stack buffer overflow
Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the CMONNetTestConnectionroutine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially...
Trend Micro ServerProtect STCommon stack buffer overflow
Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the CMONActiveUpdate and CMONActiveRollbackroutines possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by...
Trend Micro ServerProtect ENG_SendEMail() stack buffer overflow
Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the ENGSendEMail routine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially crafted...
Trend Micro ServerProtect fails ENG_SetRealTimeScanConfigInfo() stack buffer overflow
Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the ENGSetRealTimeScanConfigInforoutine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a...
Microsoft Internet Explorer fails to properly interpret certain responses from FTP servers
Overview A vulnerability in the way Microsoft Internet Explorer handles responses from FTP servers may lead to execution of arbitrary code. Description Microsoft Internet Explorer contains an unspecified vulnerability that could be exploited when it attempts to interpret responses from FTP server...
JBoss Application Server may not properly restrict access to the administrative interface
Overview The JBoss Application Server may allow unauthenticated, remote access to the administrative console. Description JBoss is an open source application server implemented in Java. Because it is Java-based, JBoss can be used on any operating system that supports Java. JBoss servers can be...
Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control buffer overflows
Overview The Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control contains multiple buffer overflows, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Trend Micro OfficeScan comes with a web-based administration console that makes use...
Microsoft Malware Protection Engine fails to properly process a specially crafted PDF File
Overview A vulnerability in the way Microsoft Malware Protection Engine processes PDF files may lead to execution of arbitrary code. Description Microsoft Malware Protection Engine contains a vulnerability that could be exploited when it attempts to process specially crafted PDF files. According ...