3695 matches found
OpenOffice.org may fail to recognize embedded Basic macros
Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org process basic macros. Description A vulnerability in OpenOffice.org may allow an attacker to inject basic code into documents such that the code will be executed when the document is...
Adobe Acrobat fails to properly convert files to PDF
Overview A vulnerability exists in Adobe Acrobat that may allow an attacker to execute arbitrary code. Description Adobe Acrobat contains a buffer overflow in the code that converts files to PDF. If an attacker can convince a user to create a PDF using specially-crafted input, that attacker may b...
Microsoft Server Service may disclose information used to store SMB traffic
Overview A vulnerability in the Microsoft Server service may allow an attacker to view fragments of memory used to store SMB traffic. Description Microsoft Server Service The Microsoft Server service supports file, print, and named-pipe sharing over the network. Server Message Block Server Messag...
OpenOffice.org may fail to properly contain certain Java applets
Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org handle certain Java applets. Description OpenOffice.org is an office suite that is available for multiple operating systems, including Windows, Linux, Apple Mac OS X, and BSD. It includ...
Samba fails to properly handle multiple share connection requests
Overview There is a vulnerability in the smbd process which may allow an attacker to create a denial of service condition. Description Samba Samba is an open-source implementation of SMB/CIFS file and print services. It is frequently included in UNIX and Linux distributions and is typically used...
Microsoft PowerPoint does not properly handle malformed shapes
Overview Microsoft PowerPoint contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint opens a specially crafted document. Accordin...
Linux kernel fails to properly handle malformed SCTP packets
Overview It is possible to cause a denial of service of the Linux kernel by sending a SCTP packet containing no chunks. Description The Stream Control Transmission Protocol SCTP, RFC 2960 is a transport layer protocol which provides reliable, sequential transport of message streams with congestio...
Cisco Router Web Setup (CRWS) contains an insecure default IOS configuration
Overview A vulnerability in the Cisco Router Web Setup CRWS web configuration tool on some Cisco 800 and SOHO series routers may allow remote execution of system-level commands with no authentication. Description Cisco Router Web Setup Tool The Cisco Router Web Setup tool, or CRWS, provides a GUI...
Adobe Flash Player fails to properly handle malformed SWF files
Overview Adobe Flash Player fails to properly handle malformed SWF files resulting in a memory corruption vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Adobe Flash Player is a player for the Flash media format and enables...
Microsoft Server Service Mailslot vulnerable to heap overflow
Overview A buffer overflow vulnerability in the Microsoft mailslot server service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mailslot A mailslot is a temporary mechanism that can facilitate data transfer between hosts. Mailslots messages are limited ...
Microsoft DHCP Client service contains a buffer overflow
Overview Microsoft DHCP Client service contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Dynamic Host Configuration Protocol DHCP As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides...
Microsoft Office fails to properly handle GIF images
Overview Microsoft Office applications fail to properly handle GIF images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse GIF images. When an Office document containing a malformed G...
Microsoft Office fails to properly handle PNG images
Overview Microsoft Office applications fail to properly handle PNG images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse PNG images. When an Office document containing a malformed P...
Microsoft Internet Information Services vulnerable to remote code execution via specially crafted ASP file
Overview Microsoft Internet Information Services IIS contains a buffer overflow vulnerability. This may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable system. Description IIS IIS is a web server that comes with Microsoft Windows. ASP ASP Active Server Pages is a...
Microsoft Office string parsing vulnerability
Overview Microsoft Office fails to properly parse strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly parse strings. When an Office document containing malformed string is opened with an Office application...
Microsoft Office fails to properly handle document properties
Overview Microsoft Office contains a buffer overflow when handling specially crafted document properties. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly validate property fields resulting in a buffer overflow...
Microsoft Office fails to properly handle malformed strings
Overview Microsoft Office fails to properly handle specially crafted strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly validate strings. When an Office document containing malformed string is opened with...
Juniper JUNOS IPv6 denial-of-service vulnerability
Overview Juniper JUNOS Internet Software contains a vulnerability in IPv6 handling that could allow a remote attacker to cause a denial of service. Description Juniper router operating system software JUNOS does not properly free memory allocated for certain IPv6 packets. If a fixed amount of...
Webmin and Usermin fail to sanitize user input
Overview Webmin and Usermin do not properly sanitize user input. This vulnerability may allow a remote, unauthenticated user to view any file on the system running Webmin or Usermin. Description Webmin Webmin is popular web-based administration tool for Unix and Linux servers that allows system...
Microsoft Internet Explorer vulnerable to heap overflow via the HTML Help Control "Image" property
Overview The HTML Help ActiveX control contains a heap overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be...
Dell Openmanage CD launches unauthenticated services
Overview Dell Openmanage CD launches X11 and SSH daemons that permit unauthenticated users full access. Description The Dell Openmanage CD gives system administrators using Dell servers access to drivers, diagnostic tools, remote system control, and other utilities. When loaded, the CD launches X...
eBay Enhanced Picture Services ActiveX control buffer overflow
Overview The eBay Enhanced Picture Services EPUImageControl Class ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to...
Apple iTunes fails to properly parse AAC files
Overview Apple iTunes does not properly parse AAC files. This vulnerability may allow a remote attacker to execute arbitrary code. Description Apple iTunes Apple iTunes is a digital media player available for the Microsoft Windows and Mac OS X operating systems. Advanced Audio Coding AAC file...
Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file
Overview Apple has reported a vulnerability in the way Mac OS X 10.4 systems handle TIFF images that could cause affected applications to crash or allow remote code execution.. Description TIFF Image File Format The TIFF image file format is a widely supported file format used for storing images...
Microsoft Internet Explorer fails to properly handle CLSID extensions
Overview Microsoft Internet Explorer fails to properly handle directories with CLSID extensions. This may allow an attacker to bypass the warning dialog that Internet Explorer should display before executing downloaded code. Description CLSID According to Microsoft MSDN, A CLSID is a "globally...
Cisco Access Point Web Browser Interface contains a vulnerability
Overview A vulnerability in the HTTP management interface for some configurations of Cisco wireless access points could allow a remote attacker to take complete control over the affected device. Description Cisco wireless access points allow administrators to create more than one set of...
Microsoft Internet Explorer HTML Document object cross-domain vulnerability
Overview Microsoft Internet Explorer contains a cross-domain vulnerability in how it handles redirected object data. This could allow an attacker to access the content of a web page in a different domain. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintai...
Apple Mac OS X Open Directory server vulnerable to DoS via an invalid LDAP request
Overview Apple has reported a vulnerability in their version of OpenLDAP that is included in Apple Mac OS X and Mac OS X Server versions 10.4 to 10.4.6. If successfully exploited, this vulnerability would allow an attacker to create a denial-of-service condition. Description OpenLDAP is a popular...
ClamAV vulnerable to buffer overflow via malicious database mirror
Overview The Open Source anti-virus program ClamAV's update engine, freshclam, contains a buffer overflow vulnerability. If exploited, an attacker could create a denial-of-service condition, or possibly run arbitrary code with the privileges of the freshclam process. Description Freshclam is a...
Gracenote CDDB ActiveX control buffer overflow
Overview The Gracenote CDDB ActiveX control contains a buffer overflow vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description CDDB CDDB CD Data Base is an internet database provided by Gracenote. CDDB contains track lists and other informati...
WinSCP URI handlers fails to properly parse command line switches
Overview A vulnerability has been found in WinSCP, which can be exploited by an attacker to overwrite or add files to the victim's computer. Description WinSCP is an open source SFTP client for Microsoft windows. It supports a file-manager user interface, and uses the SSH protocol to transfer fil...
Microsoft Hyperlink Object Library stack buffer overflow
Overview The Microsoft Windows system library for handling hyperlinks contains a buffer overflow. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Description Microsoft Hyperlink Object Library HLINK.DLL The Hyperlink Object Library provides interfaces for...
X.Org server buffer overflow in Xrender extension
Overview A vulnerability in the X.Org X server could allow an attacker to execute arbitrary code with the privileges of the server. Description The X Window System provides a number of components to support graphical user interfaces, primarily on Unix-like operating systems. It features a...
Microsoft Excel vulnerability
Overview An unspecified vulnerability in Microsoft Excel could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains a vulnerability that could be exploited when Excel opens a specially crafted document. It is possible that the vulnerability can ...
Sendmail fails to handle malformed multipart MIME messages
Overview Sendmail does not properly handle malformed multipart MIME messages. This vulnerability may allow a remote, unauthenticated attacker to cause a denial-of-service condition. Description Sendmail Sendmail is a widely used mail transfer agent MTA. Mail Transfer Agents MTA MTAs are responsib...
Yahoo! Mail script injection vulnerability
Overview A script injection vulnerability exists in Yahoo! Mail. Description Yahoo! Mail is vulnerable to script injection. Specifically, Yahoo! Mail fails to properly filter the body of email messages for script code. If a remote attacker can persuade a user to open a specially crafted email...
Microsoft Remote Access Connection Manager service vulnerable to buffer overflow
Overview A vulnerability in the Microsoft Remote Access Connection Manager may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft describes the Routing and Remote Access Service RRAS as follows:RRAS makes it possible for a computer to function as a...
Microsoft Windows Media Player PNG processing buffer overflow
Overview Microsoft Windows Media Player contains a stack-based buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Windows Media Player Windows Media Player is a multimedia application that comes with...
Microsoft Routing and Remote Access does not properly handle RPC requests
Overview There is a vulnerability in the Microsoft Windows Routing and Remote Access Service that could allow an attacker to take control of the affected system. Description The Routing and Remote Access Service RRAS allows computers running the Windows 2000, XP, and Server 2003 operating systems...
Microsoft Outlook Web Access for Exchange Server script injection vulnerability
Overview A script injection vulnerability exists in Microsoft Exchange Server running Outlook Web Access. Description Microsoft Outlook Web Access OWA is a service of Exchange Server. OWA allows authorized users to read and send email, manage their calendar, and perform other functions on an...
Microsoft Graphics Rendering Engine fails to properly handle WMF images
Overview Microsoft Windows Graphics Rendering Engine contains a vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile WMF. An...
Microsoft DXImageTransform Light filter fails to validate input
Overview The Microsoft DXImageTransform Light COM object fails to validate input, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft COMMicrosoft COM is a technology that allows programmers to create reusable software components that can be...
Microsoft PowerPoint malformed record vulnerability
Overview Microsoft PowerPoint fails to properly handle malformed records. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint Microsoft PowerPoint is presentation software that is available on Microsoft Windows and Apple Mac platform...
Microsoft JScript memory corruption vulnerability
Overview Microsoft JScript contains a memory corruption vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft JScript According to Microsoft Security Bulletin MS06-023: JScript is the Microsoft...
Microsoft IP Source Route Vulnerability
Overview A vulnerability in Microsoft Windows could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Source routing is a technique to determine the network route for a packet based on information supplied by the sender in the IP packet. The TCP/IP driver in so...
Microsoft Windows ART image handling buffer overflow
Overview Microsoft Windows ART image handling routines are vulnerable to a heap-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ART Images According to Microsoft Security Bulletin MS06-022: ART is...
Microsoft Internet Explorer UTF-8 decoding vulnerability
Overview Microsoft Internet Explorer fails to properly decode UTF-8 encoded HTML. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Unicode The Unicode character set contains more than 96,000 characters. Because of this, Unicode can be...
Microsoft Internet Explorer exception handling vulnerability
Overview Microsoft Internet Explorer fails to properly handle exception conditions. This may allow a remote, unauthenticated attacker to execute arbitrary code. Description Internet Explorer allows objects to register exception handlers. These handlers may not properly handle some conditions, whi...
Linux Kernel may fail to properly handle SNMP packets
Overview A memory freeing vulnerability in the Linux kernel module ipnatsnmpbasic can be exploited to create a denial-of-service condition. Description ipnatsnmpbasic The ipnatsnmpbasic IP NAT module is intended for use with SNMP network discovery and monitoring applications where target networks...
Skype URI handler fails to properly parse parameters
Overview A remote attacker could potentially retrieve files from Skype users running the Microsoft Windows version of the Skype software. Description Skype is an application that allows users to communicate with voice or messaging across the Internet or local area networks. Skype also features th...