13538 matches found
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1731)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1687)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Elevation Of Privilege (MS15-056: CVE-2015-1743)
An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1741)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1752)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1740)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1737)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Adobe Flash Player Memory Corruption (APSB15-11: CVE-2015-3100)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB15-11: CVE-2015-3104)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Leak (APSB15-09: CVE-2015-3091)
A memory leak vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Flash Player while handling specially crafted swf files. A remote attacker can exploit this issue by enticing a target user to open a malicious website containing a specially crafted swf...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1748)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1735)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a function call being made through an uninitialized object. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected versio...
Novell ZENworks Configuration Management DirectoryViewer Information Disclosure (CVE-2015-0785)
An information disclosure vulnerability exists in Novell ZENworks Configuration Management. The vulnerability is due to lack of sanitization of the dirname parameter within the DirectoryViewer class. By sending crafted requests to the target server, a remote attacker can leverage this vulnerabili...
Adobe Flash Player Same Origin Policy Bypass (APSB15-11: CVE-2015-3098)
A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1766)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1742)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1744)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to object being accessed after bring released. A remote attacker can exploit this issue by enticing a victim to open a specially crafted website with a vulnerable version of Internet...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1750)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1745)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Cross-Site Scripting (CVE-2005-0543; CVE-2014-4075; CVE-2014-4116; CVE-2014-6325; CVE-2014-6365; CVE-2015-1636; CVE-2015-1640; CVE-2015-1757)
...
Adobe Flash Player Out of Bounds Memory Corruption (APSB15-11: CVE-2015-3105)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an out-of-bounds memory write while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Novell ZENworks Configuration Management FileViewer Information Disclosure (CVE-2015-0783)
An information disclosure vulnerability exists in Novell ZENworks Configuration Management. The vulnerability is due to lack of sanitization on the filename parameter within the FileViewer class. By sending crafted requests to the target server, a remote attacker can leverage this vulnerability t...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1755)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Adobe Flash Player Use After Free Remote Code Execution (APSB15-09: CVE-2015-3080)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Acrobat And Reader Use-After-Free (APSB15-10: CVE-2015-3055)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file. Successful exploitatio...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1736)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1751)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1753)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
OsCommerce Configuration Cross-Site Scripting
A cross-site scripting vulnerability has been reported in OsCommerce Online Merchant platform. Successful exploitation of this vulnerability would allow remote attackers to inject web script into the affected system...
Adobe Flash Player Use After Free Remote Code Execution (APSB15-11: CVE-2015-3103)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Player Type Confusion (APSB15-09: CVE-2015-3084)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Flash Player Use After Free Code Execution (APSB15-11: CVE-2015-3106)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...
OsCommerce Cross-Site Request Forgery Administrator Deletion
A Cross-Site Request Forgery vulnerability has been reported in OsCommerce Online Merchant platform. Successful exploitation of this vulnerability would allow remote attackers to delete administrator users from the affected system...
Microsoft Word Intruder RTF FILE
Malicious word documents can be created using Microsoft Word Intruder MWI. This tool can be used in targeted attacks. Successful infection will allow the attacker to download additional malware to the target...
Adobe Flash Player JSONP Cross-Site Request Forgery (APSB15-11: CVE-2015-3096)
A cross-site request forgery CSRF vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an insufficient validation of data from JSONP callback APIs. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB15-09: CVE-2015-3089)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Reader and Acrobat Memory Corruption (APSB15-10: CVE-2015-3076)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected versio...
Adobe Flash Player Memory Corruption (APSB15-09: CVE-2015-3093)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file with an affected...
Microsoft Internet Explorer VBScript Memory Corruption (MS15-053: CVE-2015-1684)
A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due an error while processing regular expressions which allows a user to disclose memory contents of the current process. A remote attacker can exploit this issue to bypass the ASLR...
Adobe Flash Player Cross Domain Policy Bypass (APSB15-11: CVE-2015-3099)
Adobe Flash Player is vulnerable to a cross domain policy bypass. If the victim opens a maliciously crafted file using certain URL, the file could cause a privilege escalation and allow unlimited cross-domain access...
Steganography Over JPEG
A remote code execution vulnerability has been reported in the way web browsers handle embedded content. To trigger this issue, an attacker may embed a malicious JPEG file in a webpage. Successful exploitation of this vulnerability will allow execution of arbitrary code on the vulnerable system...
PowerDNS Nameserver Label Decompression Denial of Service (CVE-2015-1868)
A denial of service vulnerability exists in PowerDNS. The vulnerability is due to a design weakness in PowerDNS label decompression code causing excessive looping. A remote attacker can exploit these vulnerabilities by sending a request to a vulnerable server to consume CPU resource...
Adobe Flash Player Heap Buffer Overflow (APSB15-09: CVE-2015-3088)
A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted swf file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted swf file...
Adobe Acrobat And Reader JavaScript API code execution (APSB15-10: CVE-2015-3072; CVE-2015-3065; CVE-2015-3066; CVE-2015-3067; CVE-2015-3068; CVE-2015-3071; CVE-2015-3073)
A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...
Adobe Flash Time of Check Time of Use Race Condition (APSB15-09: CVE-2015-3081)
A time-of-check time-of-use race condition vulnerability has been reported in Adobe Flash. The vulnerability is due to an error in The Flash IE broker while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file,...
Adobe Flash Player Type Confusion (APSB15-09: CVE-2015-3086)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Flash Player Integer Overflow (APSB15-09: CVE-2015-3087)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an integer overflow condition in Adobe Flash Player. A remote attacker can exploit this vulnerability by enticing a target user to open a web page containing a specially crafted SWF file...
Adobe Flash Player Validation Bypass (APSB15-09: CVE-2015-3085; CVE-2015-3082)
A validation bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the Flash IE broker while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Adobe Flash Player Validation Bypass (APSB15-09: CVE-2015-3083)
A validation bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the Flash IE broker while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
WebGate Multiple Products WESPPlaybackCtrl Two Stack Buffer Overflow (CVE-2015-2094)
Two stack buffer overflow vulnerabilities exist in WebGate Multiple Products. The vulnerabilities are due to insufficient input validation on the length of the parameter passed to the PlaySiteAllChannel and StopSiteAllChannel methods of the WESPPLAYBACK.WESPPlaybackCtrl control. A remote attacker...