Lucene search
K

3702 matches found

CERT
CERT
•added 2004/07/09 12:0 a.m.•33 views

Cisco Collaboration Server (CCS) ServletExec allows arbitrary file uploading

Overview There is a vulnerability in the ServletExec subcomponent of the Cisco Collaboration Server CCS that could allow an attacker to upload arbitrary files to the server. Description The Cisco Collaboration Server CCS is designed to provide interactive customer support web page sharing,...

7.4AI score
Exploits0References5
CERT
CERT
•added 2004/07/09 12:0 a.m.•37 views

Mozilla fails to restrict access to the "shell:" URI handler

Overview A vulnerability in the way Mozilla and its derived programs handle certain types of links could allow an attacker to run local programs on a vulnerable system. Description Versions of the Mozilla, Firefox, and Thunderbird programs for Microsoft Windows will handle URIs of the form shell:...

10CVSS5.8AI score0.05262EPSS
Exploits0References6
CERT
CERT
•added 2004/06/30 12:0 a.m.•33 views

Juniper JUNOS Packet Forwarding Engine (PFE) IPv6 memory leak

Overview The Juniper JUNOS Packet Forwarding Engine PFE leaks memory when certain IPv6 packets are submitted for processing. If an attacker submits multiple packets to a vulnerable router running IPv6-enabled PFE, the router can be repeatedly rebooted, essentially creating a denial of service for...

5CVSS6.5AI score0.03193EPSS
Exploits0References3
CERT
CERT
•added 2004/06/28 12:0 a.m.•22 views

Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes

Overview There is a vulnerability in Sun Solaris that could allow local users to cause a denial of service when the Basic Security Module BSM is configured to perform auditing of specific audit classes. Description Sun Microsystems describes the Basic Security Module BSM as a "security auditing...

6.7AI score
Exploits0References4
CERT
CERT
•added 2004/06/24 12:0 a.m.•15 views

Sun Solaris patches may cause passwords to be logged in clear text

Overview Sun Solaris contains a vulnerability in which systems configured as kerberos clients that have specific patches installed may log passwords in clear text. Description Sun Microsystems released patches 112908-12 and 115168-03 to address issues in kerberos. There is a vulnerability in thes...

7AI score
Exploits0References2
CERT
CERT
•added 2004/06/22 12:0 a.m.•35 views

ISC DHCP contains C Includes that define vsnprintf() to vsprintf() creating potential buffer overflow conditions

Overview The Internet Systems Consortium's ISC Dynamic Host Configuration Protocol DHCP 3 application contains a vulnerability that introduces several potential buffer overflow conditions. Exploitation of this vulnerability can cause a denial-of-service condition to the DHCP Daemon DHCPD and may...

10CVSS7.8AI score0.16773EPSS
Exploits0
CERT
CERT
•added 2004/06/22 12:0 a.m.•36 views

ISC DHCP contains a stack buffer overflow vulnerability in handling log lines containing ASCII characters only

Overview The Internet Systems Consortium's ISC Dynamic Host Configuration Protocol DHCP 3 application contains a buffer overflow vulnerability. Exploitation of this vulnerability can cause a denial of service condition to the DHCP Daemon DHCPD and may permit a remote attacker to execute arbitrary...

10CVSS7.8AI score0.45333EPSS
Exploits0
CERT
CERT
•added 2004/06/21 12:0 a.m.•29 views

Apple Mac OS X vulnerable to privilege escalation when using Directory Services

Overview A vulnerability in Mac OS X may permit a local authenticated user with physical access to the machine to gain elevated privileges. Description Mac OS X permits the remote authentication of users via directory sevices lookups. When a user logs in to a machine configured to use the Directo...

7.2CVSS6.2AI score0.00447EPSS
Exploits0References4
CERT
CERT
•added 2004/06/16 12:0 a.m.•27 views

BGP implementations do not adequately handle malformed BGP OPEN and UPDATE messages

Overview Multiple implementations of the Border Gateway Protocol BGP contain vulnerabilities related to the processing of UPDATE and OPEN messages. The impacts of these vulnerabilities appear to be limited to denial of service. Description BGP RFC 1771 is designed to exchange network reachability...

4.3CVSS7.2AI score0.0302EPSS
Exploits0References6
CERT
CERT
•added 2004/06/15 12:0 a.m.•24 views

Cisco CatOS TCP ACK handling vulnerability

Overview A vulnerability in Cisco CatOS may allow a remote attacker to cause a denial of service on an affected device. Description Cisco's CatOS is an operating system that runs on some Cisco Catalyst switch products. A vulnerability in the way that TCP services on CatOS handle malformed...

5CVSS6.6AI score0.03131EPSS
Exploits0References1
CERT
CERT
•added 2004/06/15 12:0 a.m.•56 views

Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"

Overview The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts. Description Several versions of the Linux kernel contain a defect in their use of the Intel processor instruction set. The "fsave" and "frstor" instructions are used to store an...

7.3AI score
Exploits0References3
CERT
CERT
•added 2004/06/11 12:0 a.m.•38 views

BEA WebLogic Server contains vulnerability in handling of certain tags when editing "weblogic.xml"

Overview BEA WebLogic Server contains a vulnerability in the way Weblogic Builder and the SecurityRoleAssignmentMBean.toXML method parse certain tags in the weblogic.xml file. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing,...

7.2AI score
Exploits0References3
CERT
CERT
•added 2004/06/09 12:0 a.m.•54 views

Microsoft Internet Explorer does not properly validate source of redirected frame

Overview Microsoft Internet Explorer IE does not adequately validate the security context of a frame that has been redirected by a web server. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone...

10CVSS7.4AI score0.61057EPSS
Exploits0References19
CERT
CERT
•added 2004/06/09 12:0 a.m.•20 views

Cisco IPsec VPNSM vulnerable to DoS via malformed IKE packet

Overview A vulnerability in a Cisco VPN module can allow a remote attacker to cause a denial-of-service to the device in which the module is installed. Description The Cisco IP Security IPsec VPN Services Module VPNSM is a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco...

7AI score
Exploits0References1
CERT
CERT
•added 2004/06/09 12:0 a.m.•26 views

Perl vulnerable to buffer overflow in win32_stat()

Overview A flaw in a standard function in some Perl distributions could allow an attacker to execute arbitrary code on the vulnerable system. Description The stat Perl function, similar to the standard C stat function, returns a list giving the status info for a file. Since the stat function is...

10CVSS7.3AI score0.0686EPSS
Exploits0References1
CERT
CERT
•added 2004/06/07 12:0 a.m.•27 views

Oracle E-Business Suite SQL Injection vulnerabilities

Overview Oracle E-Business Suite fails to filter user input permiting the exploitation of SQL injection vulnerabilities. These vulnerabilities may allow a remote attacker to execute procedures or SQL queries and updates on the vulnerable database application. Description According to the Oracle...

10CVSS7.5AI score0.0702EPSS
Exploits0References2
CERT
CERT
•added 2004/06/02 12:0 a.m.•22 views

MIT Kerberos 5 krb5_aname_to_localname() contains several heap overflows

Overview MIT Kerberos 5 contains several heap buffer overflow vulnerabilities in code that translates Kerberos principal names to local UNIX account names. An authenticated, remote attacker could execute arbitrary code on a vulnerable system with root privileges. Description MIT Kerberos 5 contai...

7.9AI score
Exploits0References3
CERT
CERT
•added 2004/05/26 12:0 a.m.•20 views

HP OpenView Select Access fails to properly decode UTF-8 encoded unicode characters in URLs

Overview There is a vulnerability in the way HP OpenView Select Access decodes UTF-8 encoded unicode characters in URLs. This vulnerability could allow a remote user to gain access to resources the user would otherwise be unauthorized to access. Description HP OpenView Select Access is a software...

7.1AI score
Exploits0References4
CERT
CERT
•added 2004/05/21 12:0 a.m.•35 views

Apple Mac OS X help system may interpret inappropriate local script files

Overview A vulnerability has been reported in the default URI protocol handler in Apple's Mac OS X help system. Exploitation of this vulnerability may permit a remote attacker to execute arbitrary scripts on the local system. Description A vulnerability has been reported in Apple's Mac OS X...

6.7AI score
Exploits0References4
CERT
CERT
•added 2004/05/21 12:0 a.m.•30 views

Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location

Overview A vulnerability has been reported in the default "disk://" protocol handler installed on Apple Mac OS X systems. Remote attackers may potentially use this vulnerability to create files on the local system without explicit user consent. We have not independently verified the scope of this...

7.3AI score
Exploits0References2
CERT
CERT
•added 2004/05/21 12:0 a.m.•15 views

Symantec Norton AntiVirus 2004 ActiveX control fails to properly validate input

Overview There is a vulnerability in an ActiveX control provided by Norton AntiVirus 2004 that could allow an attacker to execute arbitrary programs, launch a browser window containing an unauthorized URL, or cause a denial of service on a vulnerable system. Description Norton AntiVirus 2004 is a...

7.8AI score
Exploits0References4
CERT
CERT
•added 2004/05/19 12:0 a.m.•78 views

CVS contains a heap overflow in the handling of flag insertion

Overview A heap overflow vulnerability in the Concurrent Versions System CVS could allow a remote attacker to execute arbitrary code on a vulnerable system. Description CVS is a source code maintenance system that is widely used by open-source software development projects. There is a heap memory...

7.5CVSS7.5AI score0.67525EPSS
Exploits1References4
CERT
CERT
•added 2004/05/14 12:0 a.m.•30 views

Sun Java Runtime Environment vulnerable to DoS

Overview The Sun Java Runtime Environment JRE contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service condition in the Java Virtual Machine JVM. Description The Sun Java Runtime Environment provides the libraries and components necessary to run...

7AI score
Exploits0References4
CERT
CERT
•added 2004/05/13 12:0 a.m.•32 views

Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records

Overview There is a buffer overflow vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symantec offers a...

10CVSS7.9AI score0.12798EPSS
Exploits0References3
CERT
CERT
•added 2004/05/13 12:0 a.m.•24 views

Multiple Symantec firewall products contain a heap corruption vulnerability in the handling of NBNS response packets

Overview There is a heap corruption vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted NetBIOS Name Service NBNS response packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symante...

10CVSS7.8AI score0.12798EPSS
Exploits0References3
CERT
CERT
•added 2004/05/13 12:0 a.m.•28 views

Multiple Symantec firewall products fail to properly process DNS response packets

Overview There is a vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS response packet could allow an unauthenticated, remote attacker to cause a denial of service condition. Description Symantec offers a suite of corporat...

2.6CVSS6.8AI score0.11048EPSS
Exploits0References3
CERT
CERT
•added 2004/05/13 12:0 a.m.•31 views

Multiple Symantec firewall products fail to properly process NBNS response packets

Overview There is a buffer overflow vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted NetBIOS Name Service NBNS response packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symante...

10CVSS7.9AI score0.12798EPSS
Exploits0References4
CERT
CERT
•added 2004/05/13 12:0 a.m.•29 views

IEEE 802.11 wireless network protocol DSSS CCA algorithm vulnerable to denial of service

Overview The IEEE 802.11 wireless networking protocol contains a vulnerability that could allow a remote attacker to cause a denial of service to any wireless device within range. Description IEEE 802.11 wireless network protocols use a Clear Channel Assessment CCA algorithm to determine whether ...

5CVSS6.6AI score0.02336EPSS
Exploits0References5
CERT
CERT
•added 2004/05/11 12:0 a.m.•27 views

Microsoft Help and Support Center (HCP) fails to properly validate HCP URLs

Overview The Microsoft Help and Support Center HCP fails to properly handle HCP URL validation. Exploitation of this vulnerability may permit remote attackers to execute arbitrary code on the system with the privileges of the current user. Description Microsoft Windows XP and Server 2003 Help and...

5.1CVSS6.9AI score0.26133EPSS
Exploits1References2
CERT
CERT
•added 2004/05/10 12:0 a.m.•26 views

Gaim contains a buffer overflow vulnerability in the Extract Info Field function

Overview There is a buffer overflow vulnerability in the gaimmarkupextractinfofield function, which could allow an unauthenticated, remote attacker to cause a denial of service or execute arbitrary code. Description Gaim is a multi-protocol instant messenger client available for a number of...

7.5CVSS9.9AI score0.07185EPSS
Exploits0References4
CERT
CERT
•added 2004/05/10 12:0 a.m.•25 views

Gaim contains an integer overflow vulnerability when parsing DirectIM packets

Overview There is an integer overflow vulnerability in the handlehdrodc function, which could allow an unauthenticated, remote attacker to cause a denial of service or potentially execute arbitrary code. Description Gaim is a multi-protocol instant messenger client available for a number of...

7.5CVSS9.8AI score0.08497EPSS
Exploits0References4
CERT
CERT
•added 2004/05/07 12:0 a.m.•55 views

Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests

Overview There is a buffer overflow vulnerability in the way Apple's AppleFileServer handles certain authentication requests. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code. Description The AppleFileServer provides Apple Filing Protocol AFP services f...

5.1CVSS8AI score0.41303EPSS
Exploits6References5
CERT
CERT
•added 2004/05/06 12:0 a.m.•26 views

Gaim contains a buffer overflow vulnerability in the gaim_url_parse() function

Overview There is a buffer overflow vulnerability in the Gaim gaimurlparse function, which could allow an unauthenticated, remote attacker to execute arbitrary code. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. There is a buffer overflow...

7.5CVSS9.8AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/06 12:0 a.m.•25 views

Gaim contains a buffer overflow vulnerability in the http_canread() function

Overview There is a buffer overflow vulnerability in the Gaim httpcanread function, which could allow an unauthenticated, remote attacker to execute arbitrary code. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It provides a feature that allow...

7.5CVSS9.8AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/06 12:0 a.m.•38 views

Gaim fails to properly validate the "name" parameter in the Yahoo login webpage

Overview There is a buffer overflow vulnerability in the way the Gaim yahoologinpagehash function parses the "name" parameter in the Yahoo login webpage. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instant messaging...

7.5CVSS9.7AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/06 12:0 a.m.•21 views

Gaim fails to properly parse cookies in Yahoo web connections

Overview There is a buffer overflow vulnerability in the way Gaim parses cookies for Yahoo web connections. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instant messaging protocols, including the Yahoo Messenger YMSG...

7.5CVSS9.8AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/06 12:0 a.m.•25 views

Gaim fails to properly validate the "value" parameter in the Yahoo login webpage

Overview There is a buffer overflow vulnerability in the way the Gaim yahoologinpagehash function parses the "value" parameter in the Yahoo login webpage. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instant messaging...

7.5CVSS9.7AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/06 12:0 a.m.•22 views

Gaim contains a buffer overflow vulnerability in the yahoo_packet_read() function

Overview There is a buffer overflow vulnerability in the Gaim yahoopacketread function, which could allow an unauthenticated, remote attacker to execute arbitrary code. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of...

7.5CVSS9.8AI score0.07605EPSS
Exploits0References4
CERT
CERT
•added 2004/05/03 12:0 a.m.•29 views

Apple QuickTime contains an integer overflow in the "QuickTime.qts" extension

Overview Apple QuickTime contains an integer overflow vulnerability in the "QuickTime.qts" extension, which could result in arbitrary code execution. Description Apple's QuickTime Player is a player that allow users to view local and remote audio/video content. Other applications, such as web...

5.1CVSS7.3AI score0.03243EPSS
Exploits0References5
CERT
CERT
•added 2004/04/30 12:0 a.m.•18 views

libgcc contains multiple flaws that allow integer type range vulnerabilities to occur at runtime

Overview The libgcc runtime for the gcc and g++ compilers contain multiple flaws that can result in integer type range vulnerabilities in programs that are compiled using the -ftrapv option. Description Both gcc and g++ provide an -ftrapv compiler option that, according to the gcc man page,...

7.7AI score
Exploits0References4
CERT
CERT
•added 2004/04/30 12:0 a.m.•44 views

Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is a buffer overflow vulnerability in the Gaim gaimquotedpdecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature tha...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
CERT
CERT
•added 2004/04/30 12:0 a.m.•25 views

Gaim contains an off-by-one buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is an off-by-one buffer overflow vulnerability in the Gaim MIME decoder. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature that requires Gaim to decode MIME-encoded data. There is an off-by-one buffer overflow...

9.8CVSS9.6AI score0.11214EPSS
Exploits1References5
CERT
CERT
•added 2004/04/30 12:0 a.m.•23 views

Gaim contains an off-by-one buffer overflow vulnerability in the yahoo_decode() function

Overview There is an off-by-one buffer overflow vulnerability in the Gaim yahoodecode function. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instant messaging protocols, including the Yahoo Messenger YMSG protocol...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
CERT
CERT
•added 2004/04/30 12:0 a.m.•20 views

Gaim contains a buffer overflow vulnerability in the yahoo_decode() function

Overview There is a buffer overflow vulnerability in the Gaim yahoodecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instan...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
CERT
CERT
•added 2004/04/26 12:0 a.m.•17 views

BEA WebLogic Server contains a vulnerability in the URL pattern matching

Overview There is a vulnerability in the URL pattern matching functionality of BEA WebLogic Server that could allow URL restrictions to be bypassed. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and...

6.9AI score
Exploits0References3
CERT
CERT
•added 2004/04/23 12:0 a.m.•27 views

BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files

Overview There is a vulnerability in BEA WebLogic Server in which a user with access to log files generated by the configuration wizard could obtain the administrative username and password. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure fo...

6.7AI score
Exploits0References3
CERT
CERT
•added 2004/04/23 12:0 a.m.•38 views

BEA WebLogic Server allows unauthorized removal of EJB objects

Overview There is a vulnerability in the BEA WebLogic Server that could allow the unauthorized removal of an Enterprise JavaBean EJB. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing...

6.9AI score
Exploits0References4
CERT
CERT
•added 2004/04/22 12:0 a.m.•19 views

BEA WebLogic Server fails to properly validate certificate chains

Overview There is a vulnerability in BEA WebLogic Server in which certificate chains rejected by the custom trust manager could still be accepted by the server. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating,...

6.8AI score
Exploits0References4
CERT
CERT
•added 2004/04/22 12:0 a.m.•26 views

BEA WebLogic Server internal methods may disclose sensitive information

Overview There is a vulnerability in BEA WebLogic Server that could allow users to obtain the credentials of the user who booted the server. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing...

7.3AI score
Exploits0References3
CERT
CERT
•added 2004/04/20 12:0 a.m.•25 views

Cisco IOS fails to properly process solicited SNMP operations

Overview Cisco IOS contains a vulnerability in the processing of solicited Simple Network Management Protocol SNMP operations that may result in memory corruption of the device causing it to reload. Sustained exploitation of this vulnerability could lead to a denial of service condition affect a...

7.3AI score
Exploits0References2
Total number of security vulnerabilities3702