3702 matches found
Mozilla products fail to properly handle frame references
Overview Mozilla products fail to properly handle frame or window references. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description JavaScript references are not properly cleared after an object is deleted. An attacker may be able to use the reference to a...
Mozilla products VCard attachment buffer overflow
Overview Mozilla products fail to properly handle malformed VCard attachments, which allows a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-49:A VCard...
Mozilla products contain a race condition
Overview Mozilla products contain a race condition. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Mozilla products JavaScript garbage collection process may delete a variable while that variable is still in use. This may corrupt...
Mozilla fails to properly release JavaScript references
Overview Mozilla products fail to properly release memory. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products fail to properly release JavaScript references. This may corrupt memory in a way that can allow an attacker to...
Tamarack MMSd components fail to properly handle malformed packets
Overview Tamarack MMSd components do not properly handle malformed RFC 1006 packets. This vulnerability may allow a remote, unauthenticated attacker to cause a denial of service condition. Description ISO Transport Service over TCP TPKT, RFC 1006 RFC 1006 specifies how to run the OSI transport...
Mozilla fails to properly handle garbage collection
Overview The Mozilla JavaScript engine fails to properly perform garbage collection, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Garbage collection According to Mozilla: Garbage collection is generally used to refer to algorithms that 1 determin...
Mozilla fails to properly handle simultaneous XPCOM events
Overview Mozilla products are vulnerable to memory corruption via simultaneous XPCOM events. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description XPCOMXPCOM is a cross-platform component object model similar to Microsoft COM or CORBA. XPCOM provides the...
OpenOffice.org may fail to recognize embedded Basic macros
Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org process basic macros. Description A vulnerability in OpenOffice.org may allow an attacker to inject basic code into documents such that the code will be executed when the document is...
Adobe Acrobat fails to properly convert files to PDF
Overview A vulnerability exists in Adobe Acrobat that may allow an attacker to execute arbitrary code. Description Adobe Acrobat contains a buffer overflow in the code that converts files to PDF. If an attacker can convince a user to create a PDF using specially-crafted input, that attacker may b...
OpenOffice.org may fail to properly contain certain Java applets
Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org handle certain Java applets. Description OpenOffice.org is an office suite that is available for multiple operating systems, including Windows, Linux, Apple Mac OS X, and BSD. It includ...
Microsoft Server Service may disclose information used to store SMB traffic
Overview A vulnerability in the Microsoft Server service may allow an attacker to view fragments of memory used to store SMB traffic. Description Microsoft Server Service The Microsoft Server service supports file, print, and named-pipe sharing over the network. Server Message Block Server Messag...
Samba fails to properly handle multiple share connection requests
Overview There is a vulnerability in the smbd process which may allow an attacker to create a denial of service condition. Description Samba Samba is an open-source implementation of SMB/CIFS file and print services. It is frequently included in UNIX and Linux distributions and is typically used...
Microsoft PowerPoint does not properly handle malformed shapes
Overview Microsoft PowerPoint contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint opens a specially crafted document. Accordin...
Linux kernel fails to properly handle malformed SCTP packets
Overview It is possible to cause a denial of service of the Linux kernel by sending a SCTP packet containing no chunks. Description The Stream Control Transmission Protocol SCTP, RFC 2960 is a transport layer protocol which provides reliable, sequential transport of message streams with congestio...
Cisco Router Web Setup (CRWS) contains an insecure default IOS configuration
Overview A vulnerability in the Cisco Router Web Setup CRWS web configuration tool on some Cisco 800 and SOHO series routers may allow remote execution of system-level commands with no authentication. Description Cisco Router Web Setup Tool The Cisco Router Web Setup tool, or CRWS, provides a GUI...
Adobe Flash Player fails to properly handle malformed SWF files
Overview Adobe Flash Player fails to properly handle malformed SWF files resulting in a memory corruption vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Adobe Flash Player is a player for the Flash media format and enables...
Microsoft Internet Information Services vulnerable to remote code execution via specially crafted ASP file
Overview Microsoft Internet Information Services IIS contains a buffer overflow vulnerability. This may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable system. Description IIS IIS is a web server that comes with Microsoft Windows. ASP ASP Active Server Pages is a...
Microsoft Office fails to properly handle malformed strings
Overview Microsoft Office fails to properly handle specially crafted strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly validate strings. When an Office document containing malformed string is opened with...
Microsoft Office fails to properly handle document properties
Overview Microsoft Office contains a buffer overflow when handling specially crafted document properties. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly validate property fields resulting in a buffer overflow...
Microsoft Office fails to properly handle GIF images
Overview Microsoft Office applications fail to properly handle GIF images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse GIF images. When an Office document containing a malformed G...
Microsoft Office fails to properly handle PNG images
Overview Microsoft Office applications fail to properly handle PNG images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse PNG images. When an Office document containing a malformed P...
Juniper JUNOS IPv6 denial-of-service vulnerability
Overview Juniper JUNOS Internet Software contains a vulnerability in IPv6 handling that could allow a remote attacker to cause a denial of service. Description Juniper router operating system software JUNOS does not properly free memory allocated for certain IPv6 packets. If a fixed amount of...
Microsoft Server Service Mailslot vulnerable to heap overflow
Overview A buffer overflow vulnerability in the Microsoft mailslot server service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mailslot A mailslot is a temporary mechanism that can facilitate data transfer between hosts. Mailslots messages are limited ...
Microsoft DHCP Client service contains a buffer overflow
Overview Microsoft DHCP Client service contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Dynamic Host Configuration Protocol DHCP As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides...
Microsoft Office string parsing vulnerability
Overview Microsoft Office fails to properly parse strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly parse strings. When an Office document containing malformed string is opened with an Office application...
Webmin and Usermin fail to sanitize user input
Overview Webmin and Usermin do not properly sanitize user input. This vulnerability may allow a remote, unauthenticated user to view any file on the system running Webmin or Usermin. Description Webmin Webmin is popular web-based administration tool for Unix and Linux servers that allows system...
Dell Openmanage CD launches unauthenticated services
Overview Dell Openmanage CD launches X11 and SSH daemons that permit unauthenticated users full access. Description The Dell Openmanage CD gives system administrators using Dell servers access to drivers, diagnostic tools, remote system control, and other utilities. When loaded, the CD launches X...
Microsoft Internet Explorer vulnerable to heap overflow via the HTML Help Control "Image" property
Overview The HTML Help ActiveX control contains a heap overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be...
eBay Enhanced Picture Services ActiveX control buffer overflow
Overview The eBay Enhanced Picture Services EPUImageControl Class ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to...
Apple iTunes fails to properly parse AAC files
Overview Apple iTunes does not properly parse AAC files. This vulnerability may allow a remote attacker to execute arbitrary code. Description Apple iTunes Apple iTunes is a digital media player available for the Microsoft Windows and Mac OS X operating systems. Advanced Audio Coding AAC file...
Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file
Overview Apple has reported a vulnerability in the way Mac OS X 10.4 systems handle TIFF images that could cause affected applications to crash or allow remote code execution.. Description TIFF Image File Format The TIFF image file format is a widely supported file format used for storing images...
Cisco Access Point Web Browser Interface contains a vulnerability
Overview A vulnerability in the HTTP management interface for some configurations of Cisco wireless access points could allow a remote attacker to take complete control over the affected device. Description Cisco wireless access points allow administrators to create more than one set of...
Microsoft Internet Explorer fails to properly handle CLSID extensions
Overview Microsoft Internet Explorer fails to properly handle directories with CLSID extensions. This may allow an attacker to bypass the warning dialog that Internet Explorer should display before executing downloaded code. Description CLSID According to Microsoft MSDN, A CLSID is a "globally...
Apple Mac OS X Open Directory server vulnerable to DoS via an invalid LDAP request
Overview Apple has reported a vulnerability in their version of OpenLDAP that is included in Apple Mac OS X and Mac OS X Server versions 10.4 to 10.4.6. If successfully exploited, this vulnerability would allow an attacker to create a denial-of-service condition. Description OpenLDAP is a popular...
Microsoft Internet Explorer HTML Document object cross-domain vulnerability
Overview Microsoft Internet Explorer contains a cross-domain vulnerability in how it handles redirected object data. This could allow an attacker to access the content of a web page in a different domain. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintai...
ClamAV vulnerable to buffer overflow via malicious database mirror
Overview The Open Source anti-virus program ClamAV's update engine, freshclam, contains a buffer overflow vulnerability. If exploited, an attacker could create a denial-of-service condition, or possibly run arbitrary code with the privileges of the freshclam process. Description Freshclam is a...
Gracenote CDDB ActiveX control buffer overflow
Overview The Gracenote CDDB ActiveX control contains a buffer overflow vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description CDDB CDDB CD Data Base is an internet database provided by Gracenote. CDDB contains track lists and other informati...
WinSCP URI handlers fails to properly parse command line switches
Overview A vulnerability has been found in WinSCP, which can be exploited by an attacker to overwrite or add files to the victim's computer. Description WinSCP is an open source SFTP client for Microsoft windows. It supports a file-manager user interface, and uses the SSH protocol to transfer fil...
Microsoft Hyperlink Object Library stack buffer overflow
Overview The Microsoft Windows system library for handling hyperlinks contains a buffer overflow. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Description Microsoft Hyperlink Object Library HLINK.DLL The Hyperlink Object Library provides interfaces for...
X.Org server buffer overflow in Xrender extension
Overview A vulnerability in the X.Org X server could allow an attacker to execute arbitrary code with the privileges of the server. Description The X Window System provides a number of components to support graphical user interfaces, primarily on Unix-like operating systems. It features a...
Microsoft Excel vulnerability
Overview An unspecified vulnerability in Microsoft Excel could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains a vulnerability that could be exploited when Excel opens a specially crafted document. It is possible that the vulnerability can ...
Yahoo! Mail script injection vulnerability
Overview A script injection vulnerability exists in Yahoo! Mail. Description Yahoo! Mail is vulnerable to script injection. Specifically, Yahoo! Mail fails to properly filter the body of email messages for script code. If a remote attacker can persuade a user to open a specially crafted email...
Sendmail fails to handle malformed multipart MIME messages
Overview Sendmail does not properly handle malformed multipart MIME messages. This vulnerability may allow a remote, unauthenticated attacker to cause a denial-of-service condition. Description Sendmail Sendmail is a widely used mail transfer agent MTA. Mail Transfer Agents MTA MTAs are responsib...
Microsoft Routing and Remote Access does not properly handle RPC requests
Overview There is a vulnerability in the Microsoft Windows Routing and Remote Access Service that could allow an attacker to take control of the affected system. Description The Routing and Remote Access Service RRAS allows computers running the Windows 2000, XP, and Server 2003 operating systems...
Microsoft Remote Access Connection Manager service vulnerable to buffer overflow
Overview A vulnerability in the Microsoft Remote Access Connection Manager may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft describes the Routing and Remote Access Service RRAS as follows:RRAS makes it possible for a computer to function as a...
Microsoft Windows ART image handling buffer overflow
Overview Microsoft Windows ART image handling routines are vulnerable to a heap-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ART Images According to Microsoft Security Bulletin MS06-022: ART is...
Microsoft Internet Explorer UTF-8 decoding vulnerability
Overview Microsoft Internet Explorer fails to properly decode UTF-8 encoded HTML. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Unicode The Unicode character set contains more than 96,000 characters. Because of this, Unicode can be...
Microsoft IP Source Route Vulnerability
Overview A vulnerability in Microsoft Windows could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Source routing is a technique to determine the network route for a packet based on information supplied by the sender in the IP packet. The TCP/IP driver in so...
Microsoft Outlook Web Access for Exchange Server script injection vulnerability
Overview A script injection vulnerability exists in Microsoft Exchange Server running Outlook Web Access. Description Microsoft Outlook Web Access OWA is a service of Exchange Server. OWA allows authorized users to read and send email, manage their calendar, and perform other functions on an...
Microsoft Graphics Rendering Engine fails to properly handle WMF images
Overview Microsoft Windows Graphics Rendering Engine contains a vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile WMF. An...