3704 matches found
Mozilla products vulnerable to heap overflow via miscalculated size during conversion of an image
Overview A vulnerability exists in Mozilla products that may allow a remote attacker to execute arbitrary code or cause a denial of service. Description Mozilla products contain a vulnerability in the CSS cursor property on Microsoft Windows that may result in a crash when handling malicious...
Mozilla LiveConnect vulnerable to crash finalizing JS objects
Overview A vulnerability exists in the Mozilla LiveConnect that may allow a remote attacker to cause a denial of service. Description Mozilla LiveConnect, which allows communication between Java applets and web JavaScript, contains a vulnerability in the way freed objects are re-used that may...
Novell NetMail IMAP vulnerable to buffer overflow when processing command continuation requests
Overview A vulnerability in the way Novell Netmail handles IMAP command continuation requests may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell Netmail's IMAP server, imapd.exe, fails to properly check user input. A buffer overflow may occur when...
Novell NetMail IMAP server vulnerable to buffer overflow when processing "APPEND" commands
Overview A vulnerability in the way Novell NetMail handles IMAP "APPEND" commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell NetMail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the "APPEND"...
Sun Microsystems Java GIF image processing buffer overflow
Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Novell NetMail IMAP vulnerable to DoS when processing "APPEND" commands
Overview A vulnerability in the way Novell Netmail handles IMAP APPEND commands may allow a denial of service. Description Novell Netmail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the APPEND command. An attacker must login to an affected system...
Novell NetMail IMAP vulnerable to buffer overflow when processing "SUBSCRIBE" commands
Overview A vulnerability in the way Novell Netmail handles IMAP SUBSCRIBE commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell Netmail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the SUBSCRIBE...
Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injection
Overview The Oracle SYS.DBMSAQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle SYS.DBMSAQ package fails to properly sanitize user input.This ma...
Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands
Overview A vulnerability in the way Novell NetMail handles NMAP "STOR" commands may cause a buffer overflow that may allow remote execution of arbitrary code. Description Novell NetMail's implementation of the Network Messaging Application Protocol NMAP contains a buffer overflow that may occur...
SISCO OSI stack fails to properly handle malformed packets
Overview A vulnerability exists in the SISCO OSI stack. If this vulnerability is successfully exploited, an attacker could cause a denial-of-service condition. Description The SISCO OSI stack is a component of the SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP products. The...
Apple Mac OS X UFS filesystem integer overflow vulnerability
Overview There is an integer overflow in the ffsmountfs function, which is used by Apple's OS X operating system to handle UFS disc images. Description Unix File System UFS is a file system used by Unix and other similar operating systems. Apple OS X supports UFS, partitions, and images. There is...
Cisco Secure Access Control Server vulnerable to a stack-based buffer overflow via a specially crafted "HTTP GET" request
Overview A vulnerability in the web administrative server supplied with Cisco Secure ACS products could allow a remote attacker to execute arbitrary code on an affected system. Description Cisco Secure ACS is a Remote Access Dial-In User Service RADIUS and Terminal Access Controller Access Contro...
Cisco Secure Access Control Server fails to properly handle a specially crafted RADIUS Accounting-Request packet
Overview A vulnerability in the RADIUS server supplied with Cisco Secure ACS products could allow a remote attacker to execute arbitrary code on an affected system. Description Cisco Secure ACS is a Remote Access Dial-In User Service RADIUS and Terminal Access Controller Access Control System Plu...
Cisco Secure Access Control Server fails to properly handle specially crafted Access-Request messages
Overview Several vulnerabilities in the RADIUS server supplied with Cisco Secure ACS products could allow a remote attacker to execute arbitrary code on an affected system. Description Cisco Secure ACS is a Remote Access Dial-In User Service RADIUS and Terminal Access Controller Access Control...
Acer LunchApp ActiveX Control fails to properly restrict access to methods
Overview The Acer LunchApp ActiveX control contains methods that can allow a remote, unauthenticated attacker to run arbitrary commands on a vulnerable system. Description The Acer LunchApp ActiveX control is provided by LunchApp.ocx. It contains a method called Run, which takes three parameters:...
Microsoft Outlook vulnerable to DoS via a malformed email message
Overview There is a vulnerability in the way Microsoft Outlook handles malformed email messages that may allow a remote, unauthenticated attacker to cause a denial of service. Description Microsoft Outlook contains a vulnerability in the way that it handles certain email message headers. Accordin...
Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
Overview Web browsers running the Apple QuickTime plugin may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. Description Web browser plugins that allow remote web sites to reference...
CA BrightStor ARCserve Backup Message Engine RPC buffer overflow
Overview The Computer Associates BrightStor ARCserve Backup Message Engine contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that...
CA BrightStor ARCserve Backup Tape Engine RPC buffer overflow
Overview The Computer Associates BrightStor ARCserve Backup Tape Engine RPC service contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention...
CA BrightStor ARCserve Backup Tape Engine directly calls user supplied data in RPC requests
Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a vulnerability in its Tape Engine RPC service. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retenti...
Microsoft Excel fails to properly parse malformed Palette records
Overview A vulnerability in the way that Microsoft Excel handles malformed Palette records could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly handle Palette records embedded in Excel documents. When a file containing a malformed...
Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
Overview A vulnerability exists in the way Microsoft Outlook handles Office Saved Searches .oss. This vulnerability may allow a remote attacker to execute arbitrary code. Description Office Saved Searches .oss contain views of e-mail items that satisfy previous search criteria.Microsoft Outlook...
Sun Java JRE vulnerable to privilege escalation
Overview A vulnerability in the Sun Java Runtime Environment may allow a malicious applet to gain elevated privileges. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for multiple operati...
Kerberos administration daemon may free uninitialized pointers
Overview A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Description The MIT krb 5 administration daemon...
Microsoft Excel fails to properly process a malformed Column record
Overview Microsoft Excel contains a memory corruption vulnerability that could enable an attacker to exectue arbitrary code and gain complete control of the vulnerable system. Description Microsoft Excel fails to properly handle malformed Column records. When an Excel file is opened, Excel does n...
Microsoft Outlook fails to properly process a VEVENT record
Overview Microsoft Outlook contains a memory corruption vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Outlook fails to properly handle malformed VEVENT records. When an .iCal meeting request containi...
Sun Java JRE vulnerable to arbitrary code execution via an undetermined error
Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Microsoft Excel fails to properly handle malformed IMDATA records
Overview A vulnerability in the way that Microsoft Excel handles malformed image records could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate the size of IMDATA records. When a file containing a malformed IMDATA record is...
Mozilla denial of service vulnerability
Overview Certain Mozilla products contain a denial-of-service vulnerability. Description Certain Mozilla products contain a denial-of-service vulnerability that occurs because of an infinite loop in the jsdtoa function. Mozilla Firefox versions prior to 2.0.0.1, Thunderbird prior to 1.5.0.9, and...
Microsoft Excel vulnerable to arbitrary code execution via malformed record
Overview A vulnerability in Microsoft Excel may allow an attacker to execute arbitrary code on a vulnerable system. Description A vulnerability exists in the way Microsoft Excel handles malformed records.Per Microsoft Security Bulletin MS07-002: A remote code execution vulnerability exists in...
Microsoft Internet Explorer VML buffer overflow
Overview Microsoft Internet Explorer IE fails to properly handle Vector Markup Language tags. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft IE version 5.0 and higher supports the Vector Markup Language VML,...
Kerberos administration daemon fails to properly initialize function pointers
Overview The Kerberos administration daemon fails to properly initialize pointers. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the Kerberos administration daemon handles...
Sun Java JRE vulnerable to arbitrary code execution via an unspecified error
Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
OpenOffice fails to properly process WMF and EMF files
Overview Multiple buffer overflow vulnerabilities exist in the OpenOffice.org office suite. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary code on a vulnerable system. Description OpenOffice.org is a free office suite that is available for multiple...
Citrix ICA Client ActiveX control buffer overflow
Overview A vulnerability in an ActiveX control provided with the Citrix Presentation Server Client could allow a remote attacker to execute arbitrary code on an affected system. Description The Citrix Presentation Server Client software provides an ActiveX control that can be used to integrate th...
Adobe Acrobat Plug-In cross domain violation
Overview The Adobe Acrobat Plug-In fails to properly validate user-supplied content, which may allow for cross-site scripting. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view...
ICONICS Dialog Wrapper Module ActiveX control vulnerable to buffer overflow
Overview ICONICS Dialog Wrapper Module ActiveX control contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the proce...
Apple QuickTime RTSP buffer overflow
Overview Apple QuickTime may allow remote arbitrary code to be executed via a long src parameter in RTSP URL strings. Description A vulnerability exists in the way Apple QuickTime handles specially crafted Real Time Streaming Protocol RTSP URL strings. An attacker may be able to craft a QTL file ...
Wireshark HTTP dissector vulnerability
Overview Wireshark contains a vulnerability in the HTTP dissector that may allow an attacker to cause a denial of service condition. Description Wireshark contains a vulnerability in the HTTP dissector that may allow an attacker to cause a denial of service condition. This vulnerability may be...
Mozilla SVG memory corruption vulnerability
Overview Mozilla products contain a memory corruption vulnerability related to SVG processing. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Scalable Vector Graphics SVG processing code in Mozilla Firefox and SeaMonke...
Mozilla Layout Engine vulnerability
Overview A vulnerability exists in the Mozilla Layout Engine that may allow a remote attacker to compromise a vulnerable system. Description The Mozilla Layout Engine contains an unspecified vulnerability that may result in memory corruption. The impact of this memory corruption is unclear...
Mozilla mail products vulnerable to heap buffer overflow via Content-Type headers
Overview Mozilla mail products contain a heap buffer overflow vulnerability in the way they process Content-Type headers. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Mozilla Thunderbird and SeaMonkey contain a buffer overflow...
Novell NetWare Client for Windows EnumPrinters() function vulnerable to buffer overflow
Overview A vulnerability exists in the Novell NetWare client that could allow a remote attacker to execute arbitrary code on an affected system. Description NetWare is a network operating system produced and maintained by Novell. Novell provides NetWare clients for Microsoft Windows and Linux...
Novell NetWare Client for Windows OpenPrinter() function vulnerable to buffer overflow
Overview A vulnerability exists in the Novell NetWare client that could allow a remote attacker to execute arbitrary code on an affected system. Description NetWare is a network operating system produced and maintained by Novell. Novell provides NetWare clients for Microsoft Windows and Linux...
NeoScale Systems CryptoStor 700 series appliances fail to properly perform two-factor authentication
Overview NeoScale Systems CryptoStor 700 series appliances fail to properly perform two-factor authentication. This can make it easier to bypass the CryptoStor authentication process. Description NeoScale Systems CryptoStor Tape units are tape backup encryption appliances. CryptoStor 700 series...
Intel network drivers privilege escalation vulnerability
Overview A buffer overflow vulnerability in Intel PRO Ethernet drivers may allow local attackers to execute code with elevated privileges. Description Intel network adapter drivers are developed and maintained by Intel for Windows and Linux operating systems. A buffer overflow vulnerability exist...
GnuPG vulnerable to remote data control
Overview A vulnerability in GnuPG could allow a remote attacker to execute arbitrary code on an affected system. Description GNU Privacy Guard GnuPG is the GNU project's implementation of the OpenPGP standard as defined by RFC2440.OpenPGP messages are processed by GnuPG using data structures call...
Yahoo Messenger YMailAttach ActiveX control buffer overflow
Overview The Yahoo Messenger YMailAttach ActiveX control contains a buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo Messenger is an instant messaging application. Yahoo Messenger includes several ActiveX...
Symantec Veritas NetBackup bpcd.exe CONNECT_OPTIONS buffer overflow
Overview Symantec Veritas NetBackup contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon is...
Symantec Veritas NetBackup bpcd daemon fails to properly validate commands
Overview Symantec Veritas NetBackup is vulnerable to command chaining, which may allow a remote, authenticated attacker to execute arbitrary commands on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon fails t...