3695 matches found
Ruby library contains vulnerable default value
Overview Ruby includes a vulnerable default value that may be used to bypass security restrictions and execute arbitrary code. Description Ruby is vulnerable to an attack on applications using the XML-RPC services via XMLRPC.iPIMethods, due to an insecure default value in utils.rb. Any program or...
AIX "getconf" contains buffer overflow vulnerability
Overview IBM AIX getconf contains a buffer overflow vulnerability that may lead to arbitrary code execution. Description IBM AIX contains the getconf command that provides information about system configuration. An unspecified buffer overflow condition has been identified in getconf and may lead ...
Helix Player format string vulnerability
Overview Helix Player, and media players based on the Helix Player, contain a format string vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Helix Player is used to play various types of media files on UNIX systems. The Helix Media Playe...
Apple Mac OS X QuickDraw Manager fails to properly handle corrupt PICT files
Overview Apple Mac OS X QuickDraw Manager contains a buffer overflow that may allow a remote attacker to execute arbitrary code. Description Apple Mac OS X QuickDraw is a 2D graphics library. It is used by several applications, including Safari, Mail, and Finder. QuickDraw is used to render PICT...
Apple Mac OS X ImageIO fails to properly handle corrupt GIF files
Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code. Description Apple ImageIO is an image processing framework that was introduced in OS X 10.4 Tiger. ImageIO is used by several applications, including WebCore and...
Clam AntiVirus contains a buffer overflow vulnerability
Overview A buffer overflow in Clam AntiVirus (ClamAV) may allow a remote attacker to execute arbitrary code. Description Clam AntiVirus is a UNIX-based, anti-virus toolkit often deployed with mail servers to detect malicious attachments. A signedness error in ClamAV libclamav/upx.c may allow a buff...
VERITAS Storage Exec DCOM servers contain multiple buffer overflows
Overview VERITAS Storage Exec contains several buffer overflows, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description VERITAS Storage Exec is a software package that performs storage management. Multiple DCOM server components provided by Storage Exec...
VERITAS StorageCentral DCOM servers contain multiple buffer overflows
Overview VERITAS StorageCentral DCOM servers contain several buffer overflows, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description VERITAS StorageCentral is a software package that performs storage management. Multiple DCOM server components provided by...
Mozilla Firefox fails to properly sanitize user-supplied URIs via shell script
Overview A lack of input validation in a supplemental shell script included with some Mozilla browsers may allow a remote, unauthenticated attacker to execute arbitrary commands. Description The Linux versions of the Mozilla Firefox and Mozilla Suite web browsers include a wrapper shell script fo...
unace buffer overflow vulnerability
Overview A buffer overflow in the unace compression library may allow a remote attacker to execute arbitrary code. Description The unace compression library is used to decompress ace archives (.ace file extension). A lack of input validation on filenames in an ace archive may allow a buffer overflo...
TWiki does not properly sanitize URI parameters
Overview A lack of input validation in the TWiki revision control function may allow a remote, unauthenticated attacker to execute arbitrary commands. Description TWiki is a web-based collaborative publishing environment. TWiki does not sanitize user-controlled URI parameters supplied to the...
Check Point Firewall rules may improperly handle network traffic
Overview Check Point Firewall CIFS service group may allow unintended traffic to pass through the firewall. Description Check Point Firewall contains a set of predefined service groups designed to handle different types of traffic associated with a service or collection of protocols. For instance...
Multiple X servers fail to properly allocate memory for large pixmaps
Overview Multiple X Window System servers contain a pixmap memory allocation flaw that may allow local users to execute code with elevated privileges. Description Multiple X Window System server applications share code that may contain a flaw in the memory allocation for large pixmaps. The affect...
mod_ssl fails to properly enforce client certificates authentication
Overview mod_ssl, the Apache web server module for Secure Socket Layer (SSL) communications, may not properly authenticate client certificates. Description mod_ssl provides Secure Socket Layer (SSL) communications for the Apache web server. SSL is designed to provide the ability to encrypt and...
Mozilla-based browsers contain a buffer overflow in handling URIs containing a malformed IDN hostname
Overview A vulnerability in the way Mozilla products and derivative programs handle certain malformed URIs could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mozilla products, including the Mozilla Suite, and Mozilla Firefox are vulnerable to a buffer...
Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials
Overview A buffer overflow vulnerability in Cisco IOS Firewall Authentication Proxy may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service. Description Cisco IOS Firewall Authentication Proxy is a feature that allows network administrators to apply...
DameWare Mini Remote Control vulnerable to buffer overflow via specially crafted authentication requests
Overview A vulnerability in DameWare Mini Remote Control may permit an unauthenticated attacker to execute arbitrary code on the system. Description DameWare Mini Remote Control is a lightweight remote control program intended primarily for administrators and help desks to manage desktop systems....
UMN Gopher vulnerable to buffer overflow via overly long "+VIEWS:"
Overview The University of Minnesota Gopher client may be vulnerable to a buffer overflow when handling overly long "+VIEWS:" reply messages sent from a malicious server. Description The UMN Gopher suite includes a Gopher client for navigating Gopherspace. However, the Gopher client may incorrect...
simpleproxy format string vulnerability
Overview A format string vulnerability in the simpleproxy TCP proxy may allow a remote attacker to execute arbitrary code on a vulnerable system. Description simpleproxy, a basic open source TCP proxy, contains a format string vulnerability in an unspecified HTTP proxy request handling routine. I...
Reflection for Secure IT Windows Server can allow login to renamed built-in accounts
Overview WRQ Reflection for Secure IT Windows Server 6.0 can allow a user to log in to a Windows built-in account with the default names Administrator and Guest after they are renamed. Description Microsoft Windows includes the built-in accounts Administrator and Guest. If those accounts are rename...
Reflection for Secure IT Windows Server 6.0 changed case sensitivity of allow and deny lists
Overview Reflection for Secure IT Windows Server version 6.0 uses different case-sensitivity in evaluating the allow and deny lists than previous versions, potentially allowing unintended access. Description Reflection for Secure IT Windows Server version 6.0, an SSH server from WRQ formerly know...
pam_ldap authentication bypass vulnerability
Overview An error in the pam_ldap password policy control may allow a remote attacker to gain access to a system. Description pam_ldap provides LDAP authentication services for UNIX-based systems. A vulnerability in pam_ldap may allow a remote attacker to bypass the authentication mechanism. If a...
Computer Associates Message Queuing software vulnerable to buffer overflows
Overview Computer Associates Message Queuing software contains buffer overflow conditions, which may allow a remote attacker to execute arbitrary code with elevated privileges. Description Computer Associates Message Queuing (CAM / CAFT) is a software component that provides messaging services. CAM...
Microsoft Internet Explorer can use any COM object
Overview Microsoft Internet Explorer (IE) will attempt to use COM objects that were not intended to be used in the web browser. This can cause a variety of impacts, such as causing IE to crash. Description Microsoft COM is a technology that allows programmers to create reusable softwar...
Microsoft DDS Library Shape Control (msdds.dll) COM object contains an unspecified vulnerability
Overview Microsoft DDS Library Shape Control COM object contains an unspecified vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft COM is a technology that allows programmers to create reusable software components...
Apple Mac OS X Directory Services contains a buffer overflow
Overview A buffer overflow in Apple Mac OS X Directory Service's authentication process may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Mac OS X Server Directory Service provides reading, writing, and authentication services within...
Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow
Overview Apple Mac OS X Server servermgrd contains an unspecified buffer overflow vulnerability in the authentication handling routines. This vulnerability may lead to remote execution of arbitrary code. Description Mac OS X Server contains the servermgrd application for back-end management...
Apple Safari fails to perform security checks on links in rich text content
Overview Apple Safari fails to perform security checks on hyperlinks in rich text content, which may allow an attacker to execute arbitrary commands on a vulnerable system. Description Mac OS X includes the Safari web browser, which can display rich text (RTF) files directly. When Safari opens a ri...
Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files
Overview A buffer overflow vulnerability exists in a component of Apple's Mac OS X operating system that handles rich text files. Description The Cocoa Application Framework (also referred to as the Application Kit, or AppKit) is one of the core Cocoa frameworks supplied with Apple's Mac OS X...
Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files
Overview A buffer overflow vulnerability exists in a component of Apple's Mac OS X operating system that handles Microsoft Word files. Description The Cocoa Application Framework (also referred to as the Application Kit, or AppKit) is one of the core Cocoa frameworks supplied with Apple's Mac OS X...
Apple Mac OS X Safari vulnerable to arbitrary command execution via URLs in PDF files
Overview Apple Mac OS X WebKit and Safari security controls may be bypassed, possibly allowing remote command execution. Description Mac OS X includes the Safari web browser, which can display Portable Document Format (PDF) files directly. This functionality is part of the WebKit system framework...
EMC Legato NetWorker uses weak AUTH_UNIX authentication
Overview EMC Legato NetWorker uses weak AUTH_UNIX authentication, allowing a remote attacker to execute arbitrary commands, gain elevated privileges, or cause a denial of service. Description EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun...
Adobe Acrobat contains a remotely exploitable buffer overflow
Overview A buffer overflow in Adobe Acrobat/Acrobat Reader may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Adobe Acrobat is a suite of applications that allow users to manipulate PDF (Portable Document Format) files. A buffer within a core...
EMC Legato NetWorker database services use insufficient authentication
Overview The EMC Legato NetWorker database services use weak authentication, allowing a remote attacker to gain root access to the server. Description EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun Microsystems as Solstice Backup and StorEdg...
EMC Legato NetWorker portmapper allows remote calls to "pmap_set" and "pmap_unset"
Overview The EMC Legato NetWorker PortMapper allows remote access to pmap_set and pmap_unset. This could allow a remote attacker to cause a denial of service or potentially to eavesdrop on communications between NetWorker programs. Description EMC Legato NetWorker is a cross-platform backup and...
Novell eDirectory iMonitor vulnerable to buffer overflow
Overview Novell eDirectory iMonitor contains a buffer overflow that can be remotely exploited to allow execution of arbitrary code or crash an affected system. Description Novell eDirectory iMonitor is a service for monitoring servers in an eDirectory installation. A buffer overflow exists in...
GNOME gedit contains format string vulnerability
Overview gedit has a format string vulnerability in some error dialogs that can occur when a file is opened for editing. Description gedit is the official text editor of the GNOME desktop environment. gedit 2.10.2 has a format string error in some error dialogs that can occur when a file is...
VERITAS Backup Exec uses hard-coded authentication credentials
Overview The VERITAS Backup Exec Remote Agent uses hard-coded authentication credentials. An attacker with knowledge of these credentials could access arbitrary files on a vulnerable system. Description VERITAS Backup Exec Remote Agent is a data backup and recovery solution with support for...
Microsoft Windows domain controller denial of service in Kerberos message handling
Overview Microsoft Windows domain controllers do not properly handle some Kerberos messages, potentially allowing a remote, authenticated attacker to cause a denial-of-service condition. Description Microsoft Windows domain controllers running Windows 2000 Server and Server 2003 use the Kerberos...
Multiple COM objects cause memory corruption in Microsoft Internet Explorer
Overview Microsoft Internet Explorer (IE) allows instantiation of COM objects not designed for use in the browser, which may allow a remote attacker to execute arbitrary code or crash IE. Description Microsoft COM is a technology that allows programmers to create reusable software...
Microsoft Windows Remote Desktop Protocol service input validation vulnerability
Overview An input validation error in the Microsoft Remote Desktop Protocol (RDP) service may allow a remote attacker to cause a denial-of-service condition. Description Microsoft describes the Remote Desktop Protocol (RDP) as follows. RDP is based on, and is an extension of, the T.120 protocol family...
Microsoft Print Spooler service contains a buffer overflow
Overview A buffer overflow in the Microsoft Print Spooler service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Microsoft, the Print Spooler service is ...an executable file that is installed as a service. The spooler is loaded when the...
Microsoft Plug and Play contains a buffer overflow vulnerability
Overview Microsoft Plug and Play contains a flaw in the handling of message buffers that may result in local or remote arbitrary code execution or denial-of-service conditions. Description The following is from the Microsoft Plug and Play description: Plug and Play (PnP) allows the operating system...
Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow
Overview A vulnerability in the Microsoft Internet Explorer JPEG image rendering routines may allow an attacker to remotely execute arbitrary code. Description Microsoft Internet Explorer is a web browser that is available for a variety of platforms and devices. A flaw in the image rendering...
Computer Associates BrightStor ARCserve Backup Discovery Service vulnerable to buffer overflow
Overview The Computer Associates BrightStor ARCserve Backup Discovery Service contains a buffer overflow, which may allow a remote attacker to execute arbitrary code. Description Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. The ARCserve Backu...
Computer Associates BrightStor ARCserve Backup Discovery Service SERVICEPC vulnerable to buffer overflow
Overview The Computer Associates BrightStor ARCserve Backup Discovery Service contains a buffer overflow, which may allow a remote attacker to execute arbitrary code. Description Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. The ARCserve Backu...
Computer Associates BrightStor ARCserve Backup Agents vulnerable to buffer overflow
Overview Several Computer Associates BrightStor ARCserve Backup Agents contain a buffer overflow, which may allow a remote attacker to execute arbitrary code. Description Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. Backup Agents are availabl...
Cisco IOS OSPF neighbor IO buffer overflow
Overview Cisco Internetwork Operating System (IOS) is the operating system for the majority of Cisco routers. Open Shortest-Path First (OSPF) is an interior routing protocol. A flaw in some Cisco IOS versions can allow a buffer overflow when handling a large number of OSPF neighbor connection requests...
Mozilla Firefox insecurely handles content from external applications
Overview Mozilla Firefox does not properly enforce domain restrictions on content sent by external applications, allowing a remote attacker to execute code on a vulnerable system. Description Mozilla Firefox can accept links from external applications, such as Flash and Quicktime. When such an...
Mozilla insecurely clones objects and member functions
Overview Mozilla fails to enforce security restrictions on cloned base objects. This may allow a remote attacker to execute arbitrary code on a vulnerable web browser. Description Mozilla supports the use of JavaScript to perform client side scripting. JavaScript uses prototyping as a way to...