3704 matches found
Yahoo Messenger YMailAttach ActiveX control buffer overflow
Overview The Yahoo Messenger YMailAttach ActiveX control contains a buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo Messenger is an instant messaging application. Yahoo Messenger includes several ActiveX...
Microsoft Word malformed pointer vulnerability
Overview A vulnerability in Microsoft Word could allow an attacker to compromise a vulnerable system. Description Data used by Microsoft Word to construct a destination address for a memory copy routine is embedded within a Word document itself. If an attacker constructs a Word document with a...
Microsoft Remote Installation Service Writable Path Vulnerability
Overview A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...
Microsoft Internet Explorer Script Error Handling Memory Corruption Vulnerability
Overview A vulnerability in the way Microsoft Internet Explorer handles certain script errors may lead to memory corruption that may allow remote execution of arbitrary code. Description Microsoft Internet Explorer contains a memory corruption vulnerability that could be exploited when handling...
Microsoft Windows SNMP Memory Corruption Vulnerability
Overview A vulnerability in the way Microsoft Windows handles SNMP may allow a buffer overflow that may allow remote execution of arbitrary code. Description Microsoft Windows contains a buffer overflow that may occur when handling malformed SNMP packets. According to Microsoft Security Bulletin...
Microsoft Internet Explorer TIF Folder arbitrary file access vulnerability
Overview A vulnerability in the way Microsoft Internet Explorer handles drag and drop operations may allow access of arbitrary files within the Temporary Internet Files folder. Description Microsoft Internet Explorer contains a vulnerability that could be exploited when handling drag and drop...
Sun Secure Global Desktop Software (SSGD) contains multiple cross-site scripting vulnerabilities
Overview The Sun Secure Global Desktop SSGD contains cross-site scripting vulnerabilities. Description Sun Secure Global Desktop formerly Tarantella contains multiple input validation vulnerabilities due to failure to properly sanitize user input. The following modules do not properly filter HTML...
MySpace fails to properly filter user-supplied content
Overview The MySpace web site fails to properly filter user-supplied content, which may allow for cross-site scripting. Description MySpace is a social networking web site that allows users to post blog entries, photos, videos, and other content. MySpace blocks user-supplied JavaScript and VBScri...
Microsoft Internet Explorer fails to properly handle malformed DHTML script function calls
Overview A vulnerability in the way Microsoft Internet Explorer handles malformed DHTML script function calls may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Microsoft Security Bulletin MS06-072:When Internet Explorer interprets certain DHTML scrip...
Cisco Security Agent Management Center vulnerable to authentication bypass
Overview Cisco Security Agent Management Center CSAMC may be vulnerable to authentication bypass when configured to use an external Lightweight Directory Access Protocol LDAP server for authentication. Description Cisco Security Agent Management Center CSAMC is a component of the CiscoWorks VPN...
Microsoft Word malformed data structure vulnerability
Overview A vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word fails to properly handle malformed data structures allowing memory corruption to occur. This vulnerability can be triggered by opening a specially crafte...
Madwifi wireless driver buffer overflow vulnerability
Overview A buffer overflow vulnerability exists in the Madwifi wireless driver. If successfully exploited, an attacker may be able to execute arbitrary code, or cause a denial-of-service condition. Description The Madwifi driver is a Linux kernel device driver for Atheros-based 802.11 a/b/g...
Microsoft Windows Media Player fails to properly handle malformed Windows Media Metafiles
Overview Windows Media Player does not properly handle malformed Windows Media Metafiles. This vulnerability may allow a remote attacker to execute arbitrary code or crash Windows Media Player. Description Windows Media Player WMP is a multimedia application that comes with Microsoft Windows...
Adobe Download Manager buffer overflow
Overview Adobe Download Manager contains a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to run arbitrary code with the privileges of the affected user or cause a denial-of-service condition. Description Adobe Download Manager ADM ADM is a utility that Adobe...
The Ipswitch IMail Server is vulnerable to a buffer overflow
Overview The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description According to Ipswitch Security Advisory 20061101:A vulnerability that allowed remote...
Microsoft Word malformed string vulnerability
Overview A vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a vulnerability that could be exploited when Word opens a specially crafted document. It is possible that the vulnerability can be exploited by...
Microsoft Windows Print Spooler service fails to properly handle RPC requests
Overview The Microsoft Windows Print Spooler fails to properly handle malformed RPC requests. This vulnerability may allow a remote attacker to cause a denial-of-service condition. Description The Microsoft Print Spooler service manages printing operations on a system. The Print Spooler service...
Google Mini and Google Search Appliance vulnerable to cross-site scripting
Overview Google Mini and Google Search Appliance fail to properly handle UTF-7 encoded URIs. This vulnerability may allow a remote attacker to read or modify data in web pages. Description Google Mini and Google Search Appliance fail to properly handle UTF-7 encoded URIs, possibly allowing a remo...
Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
Overview Apple Mac OS X Security Framework Online Certificate Status Protocol OCSP service is unable to retrieve certificate revocation lists on systems that are configured to use an HTTP proxy. This vulnerability may result in the use of revoked certificates. Description The Online Certificate...
Autonomy Ultraseek default configuration does not adequately restrict in-document highlighting
Overview A vulnerability exists in the Ultraseek /highlight/index.html script. Successful exploitation of this vulnerability may allow an attacker to enumerate and access content from non-public servers or execute cross-site scripting attacks. Description Ultraseek is a search engine used on...
Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI
Overview Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Description According to Apple Security Update 2006-007:By enticing a user to access a maliciously crafted FTP URI, an attacker can cause the user's FTP client to issue arbitrary FTP commands ...
Apple AirPort driver fails to properly handle probe response frames
Overview A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Description Apple Airport products are 802.11b and 802.11g compatible wireless devices that are produced by Apple. Airport...
Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available
Overview Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available. This vulnerability may allow traffic to be weakly encrypted. Description Secure Transport refers to Apple’s implementation of SSL and TLS that is used by Mac OS X to create secure connections...
Apple Mac OS X Apple Type Services server fails to securely create error log files
Overview The Apple Mac OS X Apple Type Services server insecurely creates error log files, which may allow a local attacker to overwrite or create files with system privileges. Description Apple Mac OS X Apple Type Services server fails to securely create error log files. A local attacker may be...
Wireshark contains an unspecified vulnerability in the XOT dissector
Overview Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. Description Wireshark contains a vulnerability in the XOT dissector that may allow the application to allocate a large amount of memory and cause the application to crash. This vulnerability...
Newtone ImageKit ActiveX buffer overflow vulnerabilities
Overview The Newtone ImageKit ActiveX controls contain several buffer overflow vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Newtone ImageKit is a set of ActiveX controls that provide image processing, scanning, a...
Apple Mac OS X Apple Type Services server contains multiple buffer overflows
Overview The Apple Mac OS X Apple Type Services server contains multiple buffer overflow vulnerabilities. These vulnerabilities may allow a local attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X Apple Type Services server fails to properly validate service...
Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input
Overview The Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input to its methods. This could allow an attacker to cause the application using the ActiveX control to crash. Description Adobe Acrobat and Adobe Reader provide an ActiveX control to allow applications such as...
Apple Mac OS X ftpd may allow arbitrary users to determine account name validity
Overview Apple Mac OS X ftpd may allow arbitrary users to determine account name validity. This vulnerability may reveal protected information or allow an attacker to cause a denial-of-service condition. Description According to Apple Security Update 2006-007:When attempting to authenticate a val...
Apple Mac OS X WebKit deallocated object access vulnerability
Overview Apple Safari WebKit fails to properly deallocate objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Apple: WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X fo...
Apple Type Services server font processing buffer overflow
Overview A stack-based buffer overflow in Apple Type Services server may allow attackers to execute arbitrary code. Description The Apple Type Services server fails to properly handle malformed font files possibly allowing a stack-based buffer overflow to occur. Note that according to Apple, font...
Apple Mac OS X Finder fails to properly handle malformed .DS_Store files
Overview Apple Finder fails to properly handle malformed .DSStore files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description .DSStore files are hidden files used by Apple Finder to control the display of a folder and its contents.According to App...
Apple Mac OS X PPP driver fails to properly validate PADI packets
Overview The Apple Mac OS X PPP driver fails to properly handle PPPoE Active Discovery Initiation PADI packets. This vulnerability may allow a remote attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X PPP driver fails to properly handle PADI packets allowing...
GNU gv buffer overflow vulnerability
Overview A buffer overflow vulnerability exists in the GNU gv viewer application. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description From the GNU gv website:GNU gv allows to view and navigate through...
NetGear wireless driver fails to properly process specially-crafted 802.11 management frames
Overview A buffer overflow vulnerability exists in the Netgear WG311ND5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG311ND5.SYS driver is a wireless 802.11g device driv...
Apple Mac OS X fails to properly handle corrupted DMG image structures
Overview Apple Mac OS X fails to properly handle corrupted DMG image structures. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Description A vulnerability in the way Mac OS X com.apple.AppleDiskImageController handles...
Computer Associates BrightStor ARCserve Backup Tape Engine fails to properly handle RPC requests
Overview A vulnerability exists in the Computer Associates BrightStor ARCserve Backup Tape Engine. If successfully exploited, this vulnerability may allow a remote attacker to execute arbitrary code. Description BrightStor ARCserve Backup is a backup and data retention tool that integrates with...
NaviCOPA Web Server fails to properly handle certain HTTP requests
Overview A vulnerability exists in the NaviCOPA Web Server. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code. Description NaviCOPA Web Server is an HTTP server that is available for multiple versions of Microsoft Windows including Windows 98, NT, 2000,...
NetGear wireless driver fails to properly process certain 802.11 management frames
Overview A buffer overflow vulnerability exists in the Netgear MA521nd5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The MA521nd5.SYS driver is a wireless 802.11b device driv...
NetGear wireless driver fails to properly process certain 802.11 management frames
Overview A buffer overflow vulnerability has been reported in the Netgear WG111v2.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG111v2.SYS driver is a wireless 802.11...
Sky Software FileView ActiveX control buffer overflow vulnerability
Overview The Sky Software FileView ActiveX control contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Sky Software FileView object is an ActiveX control that is provided with several...
Sky Software FileView ActiveX control allows arbitrary command execution via unsafe methods
Overview The Sky Software FileView ActiveX control contains unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Sky Software FileView object is an ActiveX control that is provided with several applications, such as...
Microsoft Workstation Service fails to properly parse malformed network messages
Overview A vulnerability in the way Microsoft Workstation Service parses malformed network messages may lead to execution of arbitrary code. Description Microsoft Workstation Service contains a vulnerability that could be exploited when Workstation Service attempts to parse specially crafted...
Microsoft Internet Explorer fails to properly interpret HTML with certain layout combinations
Overview A vulnerability in the way Microsoft Internet Explorer interprets malformed Web pages may lead to execution of arbitrary code. Description Microsoft Internet Explorer contatins a vulnerabilty that could be exploited when Internet Explorer attempts to interpret specially crafted Web pages...
Microsoft DirectAnimation Path ActiveX control Spline method integer overflow
Overview A vulnerability in the Microsoft DirectAnimation ActiveX controls may allow a remote attacker to execute arbitrary code on an affected system. Description Microsoft's DirectAnimation is a suite of development functionality, predating Microsoft DirectX, that provides animation support for...
Microsoft Agent fails to properly handle specially crafted .ACF files
Overview Microsoft Agent fails to properly handle specially crafted .ACF files and may allow a remote attacker to execute arbitrary code. Description Microsoft Agent is a software technology that enables an enriched form of user interaction that can make using and learning to use a computer easie...
Broadcom wireless driver fails to properly process 802.11 probe response frames
Overview A buffer overflow vulnerability exists in the Broadcom BCMWL5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The BCMWL5.SYS driver is a wireless 802.11 device driver...
Citrix Access Gateway LDAP authentication bypass
Overview An error with LDAP authentication in Citrix Access Gateway appliances may allow an attacker to successfully authenticate without providing correct login credentials. Description Citrix Access Gateway appliances use SSL VPN technology to give remote users secure access shared resources...
Symantec Automated Support Assistant ActiveX control buffer overflow
Overview The Symantec Automated Support Assistant ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Symantec Automated Support Assistant control is an ActiveX control that comes with...
Mozilla products contain several unspecified errors in the layout engine
Overview The Mozilla layout engine contains several unspecified vulnerabilities that may allow an attacker to execute arbitrary code or crash the vulnerable application. Description The Mozilla layout engine, also known as Gecko, is responsible for parsing HTML, XML, CSS, layout, and rendering...