Oracle DBMS_REPUTIL package vulnerable to SQL injection
Overview An SQL injection vulnerability in the Oracle DBMS_REPUTIL package may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle DBMS_REPUTIL package contains a SQL injection vulnerability. The details of this vulnerability are not clea...
Oracle Export component SQL injection vulnerability
Overview An SQL injection vulnerability in the Oracle Export component may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle Export component contains a SQL injection vulnerability. The details of this vulnerability are not clear. We...
Linksys RT31P2 VoIP router denial of service vulnerabilities
Overview The Linksys RT31P2 VoIP router contains several vulnerabilities that may allow a remote, unauthenticated attacker to cause a denial of service. Description The Linksys RT31P2 is a broadband router that includes Voice over Internet Protocol (VoIP) telephone functionality. The RT31P2 unit...
Oracle Reporting Framework vulnerability
Overview An unspecified vulnerability in the Oracle Reporting Framework may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Reporting Framework contains a vulnerability. The details of this vulnerability are not clear. However, Oracle...
Oracle Dictionary vulnerability
Overview An unspecified vulnerability in the Oracle Dictionary may allow a remote attacker to compromise system integrity and availability. Description Oracle Dictionary contains an unspecified vulnerability that, according to Oracle, can allow an attacker to easily compromise system integrity an...
Oracle Spatial SQL injection vulnerability
Overview Oracle Spatial is vulnerable to SQL injection, possibly allowing a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle Spatial fails to properly filter user-supplied input. This could allow a remote attacker to insert arbitrary SQL...
Oracle Collaboration Suite Email Server contains a vulnerability that may compromise system confidentiality
Overview An unspecified vulnerability in the Oracle Collaboration Suite Email Server may allow a remote, unauthenticated attacker to compromise system confidentiality. Description Oracle Collaboration Suite Email Server contains an unspecified vulnerability. Oracle states this issue can allow an...
Oracle Collaboration Suite Email Server vulnerability
Overview An unspecified vulnerability in the Oracle Collaboration Suite Email Server may allow a remote, unauthenticated attacker to compromise system integrity, confidentiality, and availability. Description Oracle Collaboration Suite Email Server contains a vulnerability. The details of this...
Mozilla products vulnerable to memory corruption via large regular expression in JavaScript
Overview A vulnerability in the way the JavaScript engine of Mozilla products and derivative programs handles a large regular expression could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system. Description A regular expression is a special text stri...
Mozilla display style vulnerability
Overview Mozilla products contain an unspecified vulnerability in the way they handle display styles. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Mozilla products contain an unspecified vulnerability in the way they...
Mozilla XBL binding vulnerability
Overview Mozilla products fail to properly restrict access to privileged XBL bindings. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description XBL According to Mozilla, XBL "is a markup language that defines special new elements, or 'bindings' for XU...
Mozilla CSS integer overflow vulnerability
Overview Mozilla products contain an integer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code. Description Cascading Style Sheets (CSS) is a mechanism for adding style to web documents. The problem Mozilla products contain an integer overflow in the CSS letter...
Mozilla JavaScript security bypass vulnerability
Overview Mozilla products fail to properly enforce security restrictions in JavaScript. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to Mozilla Foundation Security Advisory 2006-28: The security check in jsValueToFunctionObject ca...
Mozilla JavaScript cloned parent vulnerability
Overview Mozilla products fail to properly restrict access to a JavaScript function's cloned parent. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-15: it was possible to use the...
Mozilla products JavaScript engine fail to properly handle garbage-collection
Overview A vulnerability in the way the JavaScript engine of Mozilla products and derivative programs handles garbage collection could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The JavaScript programming language uses a method of memory management known...
Mozilla products border-rendering code vulnerability using CSS
Overview A vulnerability in the way Mozilla products and derivative programs handle certain CSS methods could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system. Description The Mozilla browser and derived products include support for Content Style...
Mozilla DHTML memory corruption vulnerabilities
Overview Mozilla products contain multiple unspecified vulnerabilities in the way they handle DHTML. These vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Mozilla products fail to properly handle DHTML. This may allow memor...
Mozilla products vulnerable to memory corruption via a particular sequence of HTML tags
Overview A vulnerability in the way Mozilla products and derivative programs handle certain HTML tags could allow a remote attacker to execute arbitrary code on a vulnerable system. Description A vulnerability has been discovered in the way that Mozilla and derived programs handle certain HTML...
Mozilla crypto.generateCRMFRequest() vulnerability
Overview A vulnerability exists in the Mozilla JavaScript routine generateCRMFRequest that may allow a remote attacker to execute arbitrary code. Description The crypto object and generateCRMFRequest The crypto object is used to provide services related to cryptography, such as handling digital...
Mozilla products vulnerable to privilege escalation via XBL.method.eval
Overview A vulnerability in the way Mozilla products and derivative programs handle certain XBL methods could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Mozilla browser and derived products include support for the Extensible Bindings Language (XBL), a...
SunnComm MediaMax privilege elevation vulnerability
Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...
Microsoft Internet Explorer fails to properly handle embedded objects
Overview Microsoft Internet Explorer (IE) does not properly handle embedded dynamic objects. This vulnerability may allow a remote attacker to execute arbitrary code. Description IOleClientSite interface According to Microsoft Security Bulletin MS06-013, The IOleClientSite interface is the primary...
Microsoft Internet Explorer fails to properly handle HTML elements with a specially crafted tag
Overview Microsoft Internet Explorer (IE) fails to properly handle HTML element tags, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description IE fails to properly handle HTML element tags. When a specially crafted HTML file is opened in IE, system memory can be...
Microsoft Windows fails to properly handle COM objects
Overview Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft COM Microsoft COM is a technology that allows programmers to create reusable software components...
Microsoft Internet Explorer fails to properly handle double-byte characters in specially crafted URLs
Overview Microsoft Internet Explorer (IE) fails to properly handle double-byte characters in URLs, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description IE fails to properly handle double-byte characters in URLs. When a specially crafted HTML file is opened in IE...
RDS.Dataspace ActiveX control bypasses ActiveX security model
Overview The Microsoft RDS.Dataspace ActiveX control bypasses the ActiveX security model, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveX ActiveX is a technology that allows programmers to create reusable software components...
Microsoft Internet Explorer may automatically execute HTA files
Overview Microsoft Internet Explorer (IE) fails to properly handle HTA files. This vulnerability may allow a remote attacker to execute arbitrary code. Description HTML Application (HTA) HTML Applications (HTAs) are HTML documents that are executed as trusted applications. HTAs can run script, Java, or...
Microsoft Internet Explorer contains overflow in processing script action handlers
Overview A vulnerability in the Microsoft Internet Explorer web browser could allow a remote attacker to crash the browser or possibly execute arbitrary code on a vulnerable system. Description A programming error in the way that Internet Explorer handles multiple event handlers in an HTML elemen...
Microsoft Internet Explorer fails to handle specially crafted, invalid HTML
Overview Microsoft Internet Explorer (IE) fails to properly handle malformed HTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description IE fails to properly handle specially crafted HTML. When a specially crafted, malformed HTML file is opened...
RealNetworks products fail to properly handle chunked data
Overview Numerous RealNetworks products do not properly handle chunked data. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer RealNetworks RealPlayer is a multimedia application that allows users to view local and...
eBay contains a cross-site scripting vulnerability
Overview The eBay web site contains a cross-site scripting vulnerability. Description eBay is a popular auction web site. When an eBay user posts an auction, eBay allows SCRIPT tags to be included in the auction description. This creates a cross-site scripting vulnerability in the eBay website...
RealNetworks products vulnerable to buffer overflow via specially crafted flash media file
Overview Numerous RealNetworks products are vulnerable to a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer RealNetworks RealPlayer is a multimedia application that allows users to view local and remote...
RealNetworks products vulnerable to buffer overflow via specially crafted MBC file
Overview Numerous RealNetworks products are vulnerable to a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer RealNetworks RealPlayer is a multimedia application that allows users to view local and remote...
Symantec VERITAS NetBackup Catalog daemon buffer overflow
Overview The NetBackup Catalog daemon contains a stack-based buffer overflow that could allow a remote attacker to execute arbitrary code on a NetBackup master server. Description VERITAS NetBackup Netbackup is a data backup and recovery solution with support for "over the network" backup...
Symantec VERITAS NetBackup contains a buffer overflow vulnerability in the Sharepoint Services daemon
Overview The Symantec VERITAS NetBackup Volume Manager daemon contains a buffer overflow vulnerability which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The Sharepoint Services...
Symantec VERITAS NetBackup Volume Manager daemon buffer overflow
Overview The Symantec VERITAS NetBackup Volume Manager daemon contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Symantec VERITAS NetBackup Symantec VERITAS NetBackup is a client/server based backup software solution...
Pubcookie application server modules contain cross-site scripting vulnerabilities
Overview Cross-site scripting vulnerabilities in the Pubcookie application server modules could allow a remote attacker to gain access to sensitive information. Description Pubcookie is a software package that provides intra-institutional single-sign-on authentication for end-users over the web...
Pubcookie login server contains cross-site scripting vulnerabilities
Overview Cross-site scripting vulnerabilities in the Pubcookie login server could allow a remote attacker to gain access to sensitive information. Description Pubcookie is a software package that provides intra-institutional single-sign-on authentication for end-users over the web. The Pubcookie...
Microsoft Internet Explorer createTextRange() vulnerability
Overview Microsoft Internet Explorer (IE) fails to properly handle the createTextRange DHTML method, possibly allowing a remote, unauthenticated attacker to execute arbitrary code. Description DHTML, TextRanges, and the createTextRange Method According to Microsoft: Dynamic HTML (DHTML) is built on an...
Sendmail signal I/O race condition
Overview A race condition in Sendmail may allow a remote attacker to execute arbitrary code. Description Sendmail Sendmail is a widely used mail transfer agent (MTA). Mail Transfer Agents (MTA) MTAs are responsible for sending and receiving email messages over the internet. They are also referred to a...
Apple Mail buffer overflow vulnerability
Overview Apple Mail contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple Mail Mac OS X includes the Mail application (Mail.app) for handling electronic mail. The Problem Apple Mail contains a buffer overflow caused by lack o...
Adobe Flash products contain multiple vulnerabilities
Overview Several vulnerabilities in Adobe Macromedia Flash products may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web...
Microsoft Office routing slip buffer overflow
Overview Microsoft Office contains a buffer overflow in the parsing of routing slips, which may allow an attacker to execute arbitrary code on a vulnerable system. Description Routing slips According to Microsoft Security Bulletin MS06-012: Microsoft Office applications have the ability to add a...
Microsoft Excel malformed description memory corruption vulnerability
Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate description fields in Excel data files. When a file with a malformed...
Microsoft Excel malformed parsing format file memory corruption vulnerability
Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate parsing format files. When a file with a malformed parsing format file is...
Microsoft Excel malformed graphic memory corruption vulnerability
Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate graphics in Excel data files. When a file with a malformed graphic file is...
Microsoft Excel malformed record memory corruption vulnerability
Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate records in data files. When a file with a malformed record is opened in Exce...
Microsoft Excel fails to properly perform range validation when parsing document files
Overview Microsoft Excel contains an error in range validation, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate ranges in data files. When a file with a malformed range is opened in Excel,...
LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script
Overview Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description L-Soft's LISTSERV is an email list management software package. It includes a Web Archive and...
Apple Safari vulnerable to buffer overflow
Overview Apple Safari is vulnerable to a stack-based buffer overflow. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Safari Apple Safari is a web browser that comes with the Mac OS X operating system. The Problem Apple Safari contains a stack-based...