3704 matches found
IBM Access Support eGatherer ActiveX control buffer overflow
Overview The IBM Access Support eGatherer ActiveX control contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The IBM Access Support eGatherer ActiveX control has the ability to collect system...
Microsoft Word 2000 malformed record vulnerability
Overview Microsoft Word 2000 contains a memory corruption vulnerability. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running Word 2000. Description Microsoft Word 2000 fails to properly handle malformed records leadin...
BIND vulnerable to an INSIST failure via sending of multiple recursive queries
Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...
BIND vulnerable to an assertion failure when querying for SIG records
Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...
Retro64 / Miniclip CR64Loader ActiveX control buffer overflow
Overview The Retro64 / Miniclip CR64Loader ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The CR64Loader Object is an ActiveX control developed by Retro64. The web sites...
Barracuda Spam Firewall contains hardcoded default login credentials
Overview Barracuda Spam Firewalls from version 3.3.01.001 to 3.3.02.053 have default login credentials that can not be modified by an administrator. Description Barracuda Spam Firewall appliances provide ingress and egress spam filtering for local area networks. An administrator will typically lo...
VMware ESX Server management interface logs passwords in cleartext in a world-readable file
Overview Certain versions of VMware ESX Server store passwords in a cleartext file that all users have read permissions to. Description Per the VMware ESX Server datasheet:ESX Server installs directly on the server hardware, or “bare metal,” and inserts a robust virtualization layer between the...
HP OpenView Storage Data Protector may allow an attacker to execute arbitrary commands
Overview A vulnerability in HP OpenView Storage Data Protector may allow an attacker to issue arbitrary commands on an affected system. Description HP OpenviewHP Openview is a range of products, distributed and developed by Hewlett Packard, that are used for enterprise system and network...
Microsoft Internet Explorer long URL buffer overflow
Overview Microsoft Internet Explorer is vulnerable to a buffer overflow when processing a long URL on a web site that uses HTTP 1.1 compression. This could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer 6 Service...
Xsan Filesystem fails to properly process path names
Overview A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition. Description Xsan FilesystemXsan is a Storage Area Network SAN filesystem designed for use by Apple OS X and OS X Server...
Symantec Veritas Backup Exec for Windows Server vulnerable to heap-based buffer overflow
Overview Symantec Veritas Backup Exec for Windows Server contains multiple heap-based buffer overflow vulnerabilities which can allow a remote, authenticated attacker to cause a denial of service or execute arbitrary code. Description VERITAS Backup Exec for Windows Server is a data backup and...
BlackBerry Enterprise Server fails to properly handle Microsoft Word attachments
Overview A buffer overflow vulnerability in BlackBerry Enterprise Server may allow a remote attacker to execute arbitrary code. Description A buffer overflow vulnerability exists in the BlackBerry Attachment Service component of BlackBerry Enterprise Server. This vulnerability may allow a remote...
Drivers for the Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability
Overview Microsoft Windows drivers for Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Intel 2100 PRO/Wireless Network Connection Hardware The Inte...
X.Org server fails to properly test for effective user ID
Overview A vulnerability in the X.Org server could allow a local attacker to gain administrative privileges or cause a denial of service on an affected system. Description The X.Org server program provides several command-line options that are meant to be parsed only when the program is running a...
MIT Kerberos (krb5) ftpd and ksu do not properly validate seteuid() calls
Overview Privilege escalation vulnerabilities in MIT krb5 ftpd and ksu may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 ftpd and ksu programs contain multiple privilege escalation vulnerabilities. These vulnerabilities are dependent on the host operating...
McAfee Subscription Manager ActiveX control vulnerable to stack buffer overflow
Overview The McAfee Subscription Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be incorporated int...
Ruby on Rails fails to properly verify input passed via the URL
Overview Ruby on Rails fails to properly validate input. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Ruby on Rails is a web application programming framework. Ruby on Rails 1.1.4 and earlier contain a vulnerability in the processing of user input...
Sun ONE and Sun Java System Applications vulnerable to cross-site scripting via default error page
Overview A cross-site scripting vulnerability in Sun ONE and Sun Java System Applications may allow an attacker to read or modify data in web pages and cookies. Description From Sun Alert Notification 102164: A Cross Site Scripting XSS vulnerability in various releases of the Sun Java System Web...
Microsoft Windows Kernel vulnerable to privilege escalation
Overview Microsoft Windows contains a privilege escalation vulnerability that could allow an authenticated, local attacker to gain complete control of the affected system. Description Winlogon is the component of Microsoft Windows responsible for interactive, security related functions. Upon logo...
Microsoft Windows kernel fails to properly manage exception handling
Overview An exception handling vulnerability in the Microsoft Windows kernel may allow a remote attacker to execute arbitrary code. Description Microsoft Windows kernel contains an exception handling vulnerability that can allow a remote attacker to execute arbitrary code with privileges of the...
MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls
Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...
Microsoft PowerPoint fails to properly handle malformed records
Overview Microsoft PowerPoint fails to properly handle malformed records allowing a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint fails to properly handle malformed records. Specifically,...
Microsoft Winsock buffer overflow
Overview A buffer overflow vulnerability in Microsoft Winsock may allow a remote attacker to execute arbitrary code on an affected system. Description Winsock Windows Socket 2 allows network applications to relay data across a network regardless of the network protocol being used. Microsoft's...
Microsoft Management Console cross-site scripting vulnerability
Overview Microsoft Management Console MMC is vulnerable to cross-site scripting, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MMCMMC is an application that allows a user to perform administrative tasks. Through the use of various snap-ins, MMC ca...
Microsoft Hyperlink Object Library buffer overflow
Overview A vulnerability in Microsoft Hyperlink Object Library may allow a remote attacker to execute arbitrary code on an affected system. Description The Hyperlink Object Library is a collection of application programming interfaces that provide functionality for handling hyperlinks. The...
Microsoft Visual Basic for Applications buffer overflow
Overview Microsoft Visual Basic for Applications fails to properly validate document properties. This vulnerability could allow a remote attacker to execute arbitrary code. Description Visual Basic For Applications VBA According to Microsoft Security Bulletin MS06-047: Microsoft VBA is a...
Microsoft Internet Explorer fails to properly interpret layout positioning
Overview Microsoft Internet Explorer fails to properly handle certain combinations of layout positioning. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the handling of certain combinations of...
Microsoft DNS Client buffer overflow
Overview The Microsoft DNS Client service contains a remote code execution vulnerability that could allow a remote attacker to take complete control of the affected system. Description From Microsoft TechNet: The Domain Name System DNS client service resolves and caches DNS names. The DNS client...
Microsoft Windows Server service buffer overflow
Overview A stack-based buffer overflow exists in the Microsoft Server service. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges. Description Microsoft Server ServiceMS06-040 includes the following information: The Server service...
Microsoft Windows fails to properly parse the MHTML protocol
Overview Microsoft Windows fails to properly handle MHTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MHTML According to Microsoft Security Bulletin MS06-043: MHTML extends HTML to embed encoded objects, such as images, in the HTML...
Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets
Overview Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets CSS. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description CSS is a mechanism for adding style to web documents. Microsoft Internet Explorer contains a vulnerabili...
Microsoft Internet Explorer source element cross-domain vulnerability
Overview Microsoft Internet Explorer fails to properly handle redirects for source elements. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintain separation between browser...
Microsoft Internet Explorer HTML layout rendering vulnerability
Overview Microsoft Internet Explorer fails to properly render certain HTML layout combinations. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the rendering of certain HTML layout combinations...
Intel Centrino wireless network drivers fail to properly handle malformed frames
Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless...
Apple Mac OS X AFP server vulnerable to DoS via maliciously crafted AFP request
Overview A vulnerability in the Apple Mac OS X AFP server may allow an attacker to cause a denial-of-service condition on an affected system. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to access files remotely from a server. Apple's Mac OS X AFP server contains ...
Apple Mac OS X AFP server vulnerable to an integer overflow when file sharing is enabled
Overview A vulnerability in Apple Mac OS X AFP server may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on an affected system. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files from a server. Apple's M...
Apple Mac OS X Image RAW vulnerable to buffer overflow via specially crafted Canon RAW image
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description RAW image files provide access to image information directly from a camera's sensor prior to in-camera processing, retaining the...
Apple Mac OS X AFP server stores reconnect keys in a world-readable file
Overview A vulnerability in Apple Mac OS X AFP server may allow an authenticated local user to access files or folders with the credentials of another user. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files from a server. In Apple's Mac OS X...
Multiple D-Link routers fail to properly process UPnP M-SEARCH requests
Overview A buffer overflow vulnerability in the software that operates certain models of D-Link routers could allow a remote attacker to execute arbitrary code on the affected device. Description UPnP Universal Plug and Play UPnP is a system that allows network devices to operate together. M-SEAR...
Apple Mac OS X Bom vulnerable to memory corruption via specially crafted ZIP file
Overview A memory corruption vulnerability in the Mac OS X Bom could allow a remote attacker to execute arbitrary code on an affected system. Description Apple's Bom is the archive file handler in the Mac OS X operating system. It features the ability to handle file archives in a number of...
Apple Mac OS X bootpd vulnerable to stack-based buffer overflow
Overview A buffer overflow vulnerability in the Apple Mac OS X bootp daemon may allow an attacker to execute arbitrary code on an affected system. Description bootpd The bootp daemon bootpd is used to send clients network and IP address configuration settings. It can also work in combination with...
Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted Radiance image
Overview The Apple Mac OS X ImageIO framework contains an integer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...
Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted GIF image
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...
Apple Mac OS X WebKit may allow code execution when visiting a malicious website
Overview A vulnerability in Apple Mac OS X WebKit may allow an attacker to execute arbitrary code on an affected system. Description WebKit From the OpenDarwin WebKit project description, WebKit is an open source web browser engine. WebKit is also the name of the Mac OS X system framework version...
Apple Mac OS X ImageIO contains undetected memory failure in GIF image handling
Overview The Apple Mac OS X ImageIO framework contains a memory allocation flaw that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to...
eIQnetworks Enterprise Security Analyzer Syslog server buffer overflow
Overview The eIQnetworks Enterprise Security Analyzer Syslog server contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Enterprise Security Analyzer eIQnetworks Enterprise Security Analyzer ESA...
Mozilla Firefox fails to properly handle the "XPCNativeWrapper(window).Function(...)"
Overview Certain Mozilla products contain a cross-site scripting vulnerability because of a vulnerability in the XPCNativeWrapper function. Description XPCNativeWrapper Per Mozilla, XPCNativeWrapper is a way to wrap up an object so that it is safe to access from privileged code. It is used to all...
Mozilla Firefox may allow chrome URLs to reference remote files
Overview Mozilla products allow chrome URLs to reference remote files. This allows a remote attacker to execute code. Description Chrome The Mozilla user interface components outside of the content area are created using chrome. This includes toolbars, menu bars, progress bars, and window title...
Apache mod_rewrite contains off-by-one error in ldap scheme handling
Overview A vulnerability in a common Apache HTTP server module, modrewrite, could allow a remote attacker to execute arbitrary code on an affected web server. Description The Apache HTTP server distribution includes a number of supplemental modules that provide additional functionality to the web...
Mozilla fails to properly handle simultaneous XPCOM events
Overview Mozilla products are vulnerable to memory corruption via simultaneous XPCOM events. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description XPCOMXPCOM is a cross-platform component object model similar to Microsoft COM or CORBA. XPCOM provides the...