3695 matches found
BlackBerry Enterprise Server fails to properly handle Microsoft Word attachments
Overview A buffer overflow vulnerability in BlackBerry Enterprise Server may allow a remote attacker to execute arbitrary code. Description A buffer overflow vulnerability exists in the BlackBerry Attachment Service component of BlackBerry Enterprise Server. This vulnerability may allow a remote...
Xsan Filesystem fails to properly process path names
Overview A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition. Description Xsan FilesystemXsan is a Storage Area Network SAN filesystem designed for use by Apple OS X and OS X Server...
Symantec Veritas Backup Exec for Windows Server vulnerable to heap-based buffer overflow
Overview Symantec Veritas Backup Exec for Windows Server contains multiple heap-based buffer overflow vulnerabilities which can allow a remote, authenticated attacker to cause a denial of service or execute arbitrary code. Description VERITAS Backup Exec for Windows Server is a data backup and...
Drivers for the Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability
Overview Microsoft Windows drivers for Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Intel 2100 PRO/Wireless Network Connection Hardware The Inte...
X.Org server fails to properly test for effective user ID
Overview A vulnerability in the X.Org server could allow a local attacker to gain administrative privileges or cause a denial of service on an affected system. Description The X.Org server program provides several command-line options that are meant to be parsed only when the program is running a...
MIT Kerberos (krb5) ftpd and ksu do not properly validate seteuid() calls
Overview Privilege escalation vulnerabilities in MIT krb5 ftpd and ksu may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 ftpd and ksu programs contain multiple privilege escalation vulnerabilities. These vulnerabilities are dependent on the host operating...
McAfee Subscription Manager ActiveX control vulnerable to stack buffer overflow
Overview The McAfee Subscription Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be incorporated int...
Ruby on Rails fails to properly verify input passed via the URL
Overview Ruby on Rails fails to properly validate input. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Ruby on Rails is a web application programming framework. Ruby on Rails 1.1.4 and earlier contain a vulnerability in the processing of user input...
Sun ONE and Sun Java System Applications vulnerable to cross-site scripting via default error page
Overview A cross-site scripting vulnerability in Sun ONE and Sun Java System Applications may allow an attacker to read or modify data in web pages and cookies. Description From Sun Alert Notification 102164: A Cross Site Scripting XSS vulnerability in various releases of the Sun Java System Web...
Microsoft Windows Kernel vulnerable to privilege escalation
Overview Microsoft Windows contains a privilege escalation vulnerability that could allow an authenticated, local attacker to gain complete control of the affected system. Description Winlogon is the component of Microsoft Windows responsible for interactive, security related functions. Upon logo...
Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets
Overview Microsoft Internet Explorer fails to properly handle chained Cascading Style Sheets CSS. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description CSS is a mechanism for adding style to web documents. Microsoft Internet Explorer contains a vulnerabili...
Microsoft Windows Server service buffer overflow
Overview A stack-based buffer overflow exists in the Microsoft Server service. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges. Description Microsoft Server ServiceMS06-040 includes the following information: The Server service...
Microsoft Internet Explorer fails to properly interpret layout positioning
Overview Microsoft Internet Explorer fails to properly handle certain combinations of layout positioning. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the handling of certain combinations of...
Microsoft PowerPoint fails to properly handle malformed records
Overview Microsoft PowerPoint fails to properly handle malformed records allowing a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint fails to properly handle malformed records. Specifically,...
Microsoft Windows kernel fails to properly manage exception handling
Overview An exception handling vulnerability in the Microsoft Windows kernel may allow a remote attacker to execute arbitrary code. Description Microsoft Windows kernel contains an exception handling vulnerability that can allow a remote attacker to execute arbitrary code with privileges of the...
Microsoft DNS Client buffer overflow
Overview The Microsoft DNS Client service contains a remote code execution vulnerability that could allow a remote attacker to take complete control of the affected system. Description From Microsoft TechNet: The Domain Name System DNS client service resolves and caches DNS names. The DNS client...
Microsoft Management Console cross-site scripting vulnerability
Overview Microsoft Management Console MMC is vulnerable to cross-site scripting, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MMCMMC is an application that allows a user to perform administrative tasks. Through the use of various snap-ins, MMC ca...
Microsoft Windows fails to properly parse the MHTML protocol
Overview Microsoft Windows fails to properly handle MHTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MHTML According to Microsoft Security Bulletin MS06-043: MHTML extends HTML to embed encoded objects, such as images, in the HTML...
Microsoft Visual Basic for Applications buffer overflow
Overview Microsoft Visual Basic for Applications fails to properly validate document properties. This vulnerability could allow a remote attacker to execute arbitrary code. Description Visual Basic For Applications VBA According to Microsoft Security Bulletin MS06-047: Microsoft VBA is a...
Microsoft Internet Explorer source element cross-domain vulnerability
Overview Microsoft Internet Explorer fails to properly handle redirects for source elements. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintain separation between browser...
Microsoft Internet Explorer HTML layout rendering vulnerability
Overview Microsoft Internet Explorer fails to properly render certain HTML layout combinations. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the rendering of certain HTML layout combinations...
Microsoft Winsock buffer overflow
Overview A buffer overflow vulnerability in Microsoft Winsock may allow a remote attacker to execute arbitrary code on an affected system. Description Winsock Windows Socket 2 allows network applications to relay data across a network regardless of the network protocol being used. Microsoft's...
Microsoft Hyperlink Object Library buffer overflow
Overview A vulnerability in Microsoft Hyperlink Object Library may allow a remote attacker to execute arbitrary code on an affected system. Description The Hyperlink Object Library is a collection of application programming interfaces that provide functionality for handling hyperlinks. The...
MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls
Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...
Intel Centrino wireless network drivers fail to properly handle malformed frames
Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless...
Apple Mac OS X Image RAW vulnerable to buffer overflow via specially crafted Canon RAW image
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description RAW image files provide access to image information directly from a camera's sensor prior to in-camera processing, retaining the...
Apple Mac OS X AFP server vulnerable to DoS via maliciously crafted AFP request
Overview A vulnerability in the Apple Mac OS X AFP server may allow an attacker to cause a denial-of-service condition on an affected system. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to access files remotely from a server. Apple's Mac OS X AFP server contains ...
Apple Mac OS X AFP server vulnerable to an integer overflow when file sharing is enabled
Overview A vulnerability in Apple Mac OS X AFP server may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on an affected system. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files from a server. Apple's M...
Multiple D-Link routers fail to properly process UPnP M-SEARCH requests
Overview A buffer overflow vulnerability in the software that operates certain models of D-Link routers could allow a remote attacker to execute arbitrary code on the affected device. Description UPnP Universal Plug and Play UPnP is a system that allows network devices to operate together. M-SEAR...
Apple Mac OS X AFP server stores reconnect keys in a world-readable file
Overview A vulnerability in Apple Mac OS X AFP server may allow an authenticated local user to access files or folders with the credentials of another user. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files from a server. In Apple's Mac OS X...
Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted GIF image
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...
Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted Radiance image
Overview The Apple Mac OS X ImageIO framework contains an integer overflow that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to process...
Apple Mac OS X Bom vulnerable to memory corruption via specially crafted ZIP file
Overview A memory corruption vulnerability in the Mac OS X Bom could allow a remote attacker to execute arbitrary code on an affected system. Description Apple's Bom is the archive file handler in the Mac OS X operating system. It features the ability to handle file archives in a number of...
Apple Mac OS X bootpd vulnerable to stack-based buffer overflow
Overview A buffer overflow vulnerability in the Apple Mac OS X bootp daemon may allow an attacker to execute arbitrary code on an affected system. Description bootpd The bootp daemon bootpd is used to send clients network and IP address configuration settings. It can also work in combination with...
Apple Mac OS X WebKit may allow code execution when visiting a malicious website
Overview A vulnerability in Apple Mac OS X WebKit may allow an attacker to execute arbitrary code on an affected system. Description WebKit From the OpenDarwin WebKit project description, WebKit is an open source web browser engine. WebKit is also the name of the Mac OS X system framework version...
Apple Mac OS X ImageIO contains undetected memory failure in GIF image handling
Overview The Apple Mac OS X ImageIO framework contains a memory allocation flaw that may allow a remote attacker to execute arbitrary code on an affected system. Description Apple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 Tiger. It includes the ability to...
Mozilla Firefox fails to properly handle the "XPCNativeWrapper(window).Function(...)"
Overview Certain Mozilla products contain a cross-site scripting vulnerability because of a vulnerability in the XPCNativeWrapper function. Description XPCNativeWrapper Per Mozilla, XPCNativeWrapper is a way to wrap up an object so that it is safe to access from privileged code. It is used to all...
eIQnetworks Enterprise Security Analyzer Syslog server buffer overflow
Overview The eIQnetworks Enterprise Security Analyzer Syslog server contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Enterprise Security Analyzer eIQnetworks Enterprise Security Analyzer ESA...
Mozilla Firefox may allow chrome URLs to reference remote files
Overview Mozilla products allow chrome URLs to reference remote files. This allows a remote attacker to execute code. Description Chrome The Mozilla user interface components outside of the content area are created using chrome. This includes toolbars, menu bars, progress bars, and window title...
Apache mod_rewrite contains off-by-one error in ldap scheme handling
Overview A vulnerability in a common Apache HTTP server module, modrewrite, could allow a remote attacker to execute arbitrary code on an affected web server. Description The Apache HTTP server distribution includes a number of supplemental modules that provide additional functionality to the web...
Mozilla JavaScript engine contains multiple integer overflows
Overview The Mozilla JavaScript engine contains multiple integer overflows. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products that use the Mozilla JavaScript engine are vulnerable to integer overflows. Specifically, the...
Mozilla products contain a race condition
Overview Mozilla products contain a race condition. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Mozilla products JavaScript garbage collection process may delete a variable while that variable is still in use. This may corrupt...
Mozilla fails to properly handle garbage collection
Overview The Mozilla JavaScript engine fails to properly perform garbage collection, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Garbage collection According to Mozilla: Garbage collection is generally used to refer to algorithms that 1 determin...
Mozilla fails to properly release JavaScript references
Overview Mozilla products fail to properly release memory. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products fail to properly release JavaScript references. This may corrupt memory in a way that can allow an attacker to...
Mozilla fails to properly handle simultaneous XPCOM events
Overview Mozilla products are vulnerable to memory corruption via simultaneous XPCOM events. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description XPCOMXPCOM is a cross-platform component object model similar to Microsoft COM or CORBA. XPCOM provides the...
Mozilla contains multiple memory corruption vulnerabilities
Overview Mozilla products contain multiple vulnerabilities that can cause memory corruption. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products contain multiple bugs that cause the application to crash. In some cases, a crash may be...
Mozilla products fail to properly handle frame references
Overview Mozilla products fail to properly handle frame or window references. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description JavaScript references are not properly cleared after an object is deleted. An attacker may be able to use the reference to a...
Mozilla products VCard attachment buffer overflow
Overview Mozilla products fail to properly handle malformed VCard attachments, which allows a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-49:A VCard...
Mozilla products fail to properly validate JavaScript constructors
Overview Mozilla products fail to properly validate references returned by JavaScript constructors. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-51: JavaScript functions have a...
Tamarack MMSd components fail to properly handle malformed packets
Overview Tamarack MMSd components do not properly handle malformed RFC 1006 packets. This vulnerability may allow a remote, unauthenticated attacker to cause a denial of service condition. Description ISO Transport Service over TCP TPKT, RFC 1006 RFC 1006 specifies how to run the OSI transport...