3695 matches found
TIBCO Hawk Monitoring Agent vulnerable to buffer overflow via the configuration interface
Overview A vulnerability in the TIBCO Hawk Monitoring Agent configuration interface may allow a local attacker to execute arbitrary code with elevated privileges. Description TIBCO Hawk is a tool for monitoring and managing distributed applications and systems throughout an enterprise. A buffer...
TIBCO Rendezvous daemon components contain a buffer overflow in the HTTP administrative interface
Overview A vulnerability in the TIBCO Rendezvous daemon components may allow a remote attacker to execute arbitrary code on an affected system. Description TIBCO Rendezvous is a distributed messaging software platform. A buffer overflow vulnerability has been discovered in the HTTP administrative...
Mozilla privilege escalation using addSelectionListener
Overview A privilege escalation vulnerability exists in the Mozilla addSelectionListener method. This may allow a remote attacker to execute arbitrary code. Description addSelectionListener Web content can add a SelectionListener to the Selection object by using addSelectionListener method of the...
Mozilla may associate persisted XUL attributes with an incorrect URL
Overview Mozilla can allow persisted XUL attributes to associate with the wrong URL. This may allow a remote attacker to execute arbitrary code. Description XULXUL is an XML-based user interface language, which is used by Mozilla. Persisted XUL XUL elements with the persist attribute maintain the...
Mozilla may process content-defined setters on object prototypes with elevated privileges
Overview Mozilla allows content-defined setters on object prototypes to execute with elevated privileges. This may allow a remote attacker to execute arbitrary code. Description Setters A setter is a method in JavaScript that sets the value of a property. The problem The setters in Mozilla are...
Mozilla contains multiple memory corruption vulnerabilities
Overview Mozilla contains several memory corruption vulnerabilities. This may allow a remote attacker to execute arbitrary code. Description Mozilla team members have discovered multiple vulnerabilities that cause the browser engine to crash. In certain circumstances, these vulnerabilities may...
Mozilla contains a buffer overflow vulnerability in crypto.signText()
Overview Mozilla products contain a buffer overflow in the crypto.signText method. This may allow a remote attacker to execute arbitrary code. Description crypto.SignText JavaScript contains a crypto.signText method, which allows the user to digitally sign a text string. The problem The Mozilla...
Secure Elements Class 5 AVR client fails to validate source address of messages
Overview The Secure Elements Class 5 AVR client fails to validate the source address of messages. This may allow an attacker to execute arbitrary code with root privileges on a vulnerable client system. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...
Secure Elements Class 5 AVR server fails to properly authenticate registration messages
Overview The Secure Elements Class 5 AVR server fails to properly authenticate registration messages. This may allow an attacker to cause a denial-of-service condition on the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that...
Secure Elements Class 5 AVR server fails to enforce integrity of message digests
Overview The Secure Elements Class 5 AVR server fails to enforce integrity of message digests. This may allow a remote attacker to replay and modify messages without knowledge of any keys. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...
Secure Elements Class 5 AVR client generates predictable CEIDs
Overview The Secure Elements Class 5 AVR client generates predictable CEIDs. This may allow an attacker to guess the unique identifier of a protected asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces...
Secure Elements Class 5 AVR server fails to properly authenticate session start messages
Overview The Secure Elements Class 5 AVR server fails to properly authenticate "session start" messages. This may allow an attacker to cause the server to initiate TCP connections to arbitrary destinations, which can cause a denial of service to both the server and the specified target. Descripti...
Secure Elements Class 5 AVR server fails to properly validate peer certificate when downloading updates
Overview The Secure Elements Class 5 AVR server fails to properly validate the peer certificate when downloading updates. This may allow a remote attacker to distribute malicious updates to the clients. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...
Symantec products vulnerable to buffer overflow
Overview Symantec products are vulnerable to a stack-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec Client Security and Symantec Antivirus Corporate Edition contain a stack-based buffer overflow. For informati...
WeOnlyDo! SFTP ActiveX control fails to properly restrict access to methods
Overview The WeOnlyDo! SFTP ActiveX control is incorrectly marked safe for scripting. This may allow a remote unauthenticated attacker to upload arbitrary files from a vulnerable system to an SFTP server or download arbitrary files from an SFTP server to a vulnerable system. Description...
Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session
Overview Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session. This may allow an attacker to discover some information about encrypted messages. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...
Secure Elements Class 5 AVR client fails to properly validate pathnames supplied in messages
Overview The Secure Elements Class 5 AVR client fails to properly validate pathnames supplied in messages, which may allow an attacker to overwrite any file on a vulnerable client as root. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...
Secure Elements Class 5 AVR client fails to properly validate a messages target CEID
Overview The Secure Elements Class 5 AVR client fails to properly validate a message's target CEID. This makes attacks easier, as the attacker does not need to guess the victim's true CEID. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produ...
Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates
Overview The Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates. This may allow an attacker to overwrite arbitrary files on the server system. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...
Secure Elements Class 5 AVR server sends messages in cleartext
Overview The Secure Elements Class 5 AVR server sends messages in cleartext. This may allow an attacker to read traffic to an asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces security policies on networ...
Secure Elements Class 5 AVR server fails to validate source address of messages
Overview The Secure Elements Class 5 AVR server fails to validate the source address of messages it receives. This may allow an attacker to forge messages to the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and...
Secure Elements Class 5 AVR client fails to enforce integrity of message digests
Overview The Secure Elements Class 5 AVR client fails to enforce integrity of message digests. This may allow an attacker to replay modified messages to a vulnerable client. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors...
Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations
Overview The Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations. This may allow a remote attacker to gain unauthorized administrative access to a server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...
Secure Elements Class 5 AVR server contains hard-coded user ID and password
Overview The Secure Elements Class 5 AVR server contains a hard-coded user ID and password. This may allow a remote unauthenticated attacker to gain access to the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors an...
Secure Elements Class 5 AVR client sends messages in cleartext
Overview The Secure Elements Class 5 AVR client sends messages in cleartext. This may allow an attacker to read traffic from an asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces security policies on...
Secure Elements Class 5 AVR client fails to properly validate the size of EM_SET_CE_PARAMETER messages
Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMSETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...
Secure Elements Class 5 AVR uses the same RSA key for all installations
Overview Secure Elements Class 5 AVR uses the same RSA key for all installations. This may allow a remote attacker to decrypt communications between systems. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces...
Secure Elements Class 5 AVR client fails to properly validate the size of EM_GET_CE_PARAMETER messages
Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMGETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...
Microsoft Word object pointer memory corruption vulnerability
Overview A memory corruption vulnerability in Microsoft Word could allow a remote attacker to execute arbitrary code with the privileges of the user running Word. Description Microsoft Word contains a memory corruption vulnerability. According to Microsoft Security Bulletin MS06-027:When a user...
WeOnlyDo! Software wodSSHServer ActiveX component fails to properly validate key exchange algorithm strings
Overview The WeOnlyDo! Software wodSSHServer ActiveX component fails to properly validate the length of key exchange algorithm strings. This may allow a remote, unauthenticated attacker to execute arbitrary code. Description wodSSHServerActiveX component According to the wodSSHServer ActiveX...
Apple QuickTime MPEG-4 movie buffer overflow
Overview Apple QuickTime fails to properly handle MPEG-4 movie files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and...
RealVNC Server does not validate client authentication method
Overview The RealVNC Server fails to properly authenticate clients. This may allow a remote attacker to bypass authentication and gain access to the VNC server. Description TheVirtual Network ComputingVNC Protocol According to RealVNC, "The VNC protocol is a simple protocol for remote access to...
LiveData ICCP Server heap buffer overflow vulnerability
Overview LiveData ICCP Server contains a heap-based buffer overflow. This vulnerability may allow a remote attacker to crash the server. Description Inter-Control Center Communications Protocol ICCP According to the LiveData ICCP Server white paper: The Inter-Control Center Communications Protoco...
EMC Retrospect Client buffer overflow vulnerability
Overview EMC Retrospect Client contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description EMC Retrospect Backup and Recovery Software EMC Retrospect is a is a backup and recovery application designed for small to medium...
Apple QuickTime FlashPix integer overflow
Overview Apple QuickTime fails to properly handle FlashPix images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remo...
Apple Quicktime JPEG integer overflow
Overview Apple QuickTime fails to properly handle JPEG images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remote...
Apple Safari fails to properly handle archive files containing symbolic links
Overview Apple Safari fails to properly handle archive files that contain symbolic links, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Safari Apple Safari is a web browser that comes with the Mac OS X operating system. Symbolic links Symbolic links are...
Microsoft Exchange fails to properly handle vCal and iCal properties
Overview Microsoft Exchange Server does not properly handle the vCal and iCal properties of email messages. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on an Exchange Server. Description Microsoft Exchange Server Microsoft's Exchange...
MySQL fails to properly validate COM_TABLE_DUMP packets
Overview MySQL contains a buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable server. Description MySQL and COMTABLEDUMPMySQL is an open-source database system available for Microsoft Windows, Linux, and other UNIX-based operating systems...
Juniper Networks IVE client ActiveX control buffer overflow
Overview The ActiveX control used by Juniper IVE OS devices contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable client. Description Juniper IVE OS is an operating system used by Juniper devices, such as the Juniper Networks Secu...
Oracle views fail to enforce table security settings
Overview A vulnerability in the way Oracle handles views may allow an attacker to modify privileged database information. Description Database Views A view is a queryable aggregation of data from one or more tables that is stored and maintained. The Problem A vulnerability in the way that Oracle...
Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection
Overview A vulnerability in Oracle PL/SQL Export Extensions may allow an attacker to modify privileged database information. Description Oracle Extensions, ODCIIndex Interface, andODCIIndexGetMetadata Oracle extensions are used to create customized Oracle database constructs. An indextype is an...
Mozilla Firefox designMode deleted object reference
Overview Mozilla Firefox contains a deleted object reference vulnerability. This may allow a remote attacker to execute arbitrary code. Description Mozilla Firefox contains a vulnerability that causes a deleted object to be referenced when designMode is set to "on." When Firefox attempts to use...
Symantec Scan Engine fails to properly perform authentication
Overview Symantec Scan Engine administrative web interface fails to properly authenticate users, which may allow a remote attacker to gain administrative access to the software. Description The Symantec Scan Engine provides a programming interface to Symantec content scanning and virus detection...
Multiple vulnerabilities in DNS implementations
Overview Numerous vulnerabilities have been reported in various Domain Name System DNS implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause a DNS implementation to behave in an unstable/unpredictable...
Winny contains a buffer overflow
Overview Winny contains a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Winny also referred to as WinNY is a popular Japanese peer-to-peer file sharing application. A flaw exists in this program due t...
Oracle Order Capture vulnerability
Overview An unspecified vulnerability in Oracle Order Capture may allow a remote, unauthenticated attacker to compromise system confidentiality. Description Oracle Order Capture contains a vulnerability. The details of this vulnerability are not clear. However, Oracle states this issue can allow ...
Oracle Application Object Library vulnerability
Overview An unspecified vulnerability in the Oracle Application Object Library may allow a remote, unauthenticated attacker to compromise system integrity and confidentiality. Description Oracle Application Object Library contains a vulnerability.The details of this vulnerability are not clear...
Oracle Advanced Replication SQL injection vulnerability
Overview An SQL injection vulnerability in the Oracle Advanced Replication component may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle Advanced Replication component contains a SQL injection vulnerability.The details of this...
Oracle Diagnostics Interfaces vulnerability
Overview An unspecified vulnerability in Oracle Diagnostics Interfaces may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Diagnostics Interfaces contains a vulnerability. The details of this vulnerability are not clear. However,...