13538 matches found
Microsoft Graphics Filters CGM Image Converter Buffer Overrun (MS10-105) - Ver2 (CVE-2010-3945)
Computer Graphics Metafile CGM is a free and open international standard file format for 2D vector graphics, raster graphics, and text. A remote code execution vulnerability has been discovered in the way that Microsoft Office allocates buffer size when handling CGM image files. The vulnerability...
Sielco Sistemi Winlog Buffer Overflow - Ver2 (CVE-2012-3815)
A stack-based buffer overflow vulnerability has been reported in Sielco Sistemi Winlog. The vulnerability is due to insufficient sanitation of TCP requests. A remote attacker can exploit this issue by sending a specially crafted TCP request to the affected server. Successful exploitation would...
Microsoft Internet Explorer MSHTML Uninitialized Memory Corruption (MS10-071) - Ver2 (CVE-2010-3331)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. To trigger this issue, ...
HP OpenView Network Node Manager Accept-Language Buffer Overflow - Ver2 (CVE-2009-4179)
A stack buffer overflow exists in HP OpenView Network Node Manager NNM CGI program ovalarm.exe. The vulnerability is due to a boundary error when processing the Accept-Language HTTP header and the OvAcceptLang cookie value in a crafted HTTP request. A remote unauthenticated attacker can exploit...
VLC Media Player XSPF Playlist Integer Overflow - Ver2 (CVE-2011-2194)
An integer overflow vulnerability has been reported in VideoLAN VLC Media Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Visual Studio WMI Object Code Execution (MS06-073) - Ver2 (CVE-2006-4704)
A remote code execution vulnerability exists in Microsoft Visual Studio 2005. Microsoft Visual Studio is a software development product for computer programmers. It centers on an integrated development environment which lets programmers create standalone applications, web sites, web applications,...
Adobe Acrobat And Reader Heap-based memory corruption (APSB15-10: CVE-2015-3051)
A Heap based memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error occurring when a font object containing a negative value being passed to callother operator, causing an integer overflow. A remote attacker can exploit this vulnerability by...
Microsoft XML Core Services Remote Code Execution (KB2719615) - Ver2 (CVE-2012-1889)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is caused due to a memory corruption when XML core Services attempts to access an object in memory that has not been initialized. A remote attacker may exploit this vulnerability by enticing ...
Oracle Java Runtime Environment ShortComponentRaster.verify Memory Corruption - Ver2 (CVE-2013-2472)
A memory corruption vulnerability exists in Oracle's Java Runtime. The vulnerability is due to insufficient input validation on ShortComponentRaster.verify method parameters which will lead to bypassing of "dataOffsets0" boundary checks when the "numDataElements" field is 0. A remote attacker can...
VMware OVF Tool Format String - Ver2 (CVE-2012-3569)
A format string vulnerability has been reported in VMware OVF Tool.The vulnerability is caused by insufficient sanitization when processing OVF files.A remote attacker can exploit this vulnerability to execute arbitrary code in the security context of the current user...
ISS ICQ Parsing - Ver2 (CVE-2004-0362)
There is a vulnerability within several ISS security products, including BlackICE, RealSecure, and Proventia, in the way they parse the ICQ messaging protocol. An attacker, exploiting this vulnerability, can cause a buffer overflow, resulting in the termination of a service or execution of...
HP Intelligent Management Center img Buffer Overflow - Ver2 (CVE-2011-1848)
HP Intelligent Management Center IMC is a stand-alone, comprehensive management platform developed by HP that delivers integrated and modular network management capabilities. IMC Enterprise Edition is designed on a service-oriented architecture SOA using a business application flow model as the...
Microsoft Internet Explorer Deleted Object Code Execution (MS13-037) - Ver2 (CVE-2013-1312)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
MySQL Malformed Password Authentication - Ver2 (CVE-2004-0627)
MySQL is an open-source implementation of a relational database management system. MySQL supports the SQL Structured Query Language database query language. The database product allows remote network connections from client applications over the proprietary MySQL network protocol in addition to...
Ca eTrust PestPatrol Antispyware ActiveX Buffer Overflow106 - Ver2 (CVE-2009-4225)
A buffer overflow vulnerability has been reported in Ca Etrust Pestpatrole Ppctl.dll Activex and Computer Associates eTrust PestPatrol. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Windows Media Player MIDI Code Execution (MS12-004) - Ver2 (CVE-2012-0003)
A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in Windows Media Player while handling specially crafted MIDI files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted MIDI fi...
Microsoft Windows AVI File Data Validation Integer Overflow (MS09-038) - Ver2 (CVE-2009-1546)
Audio Video Interleave AVI is a special case of Resource Interchange File Format RIFF.This file type used with applications that capture, edit, and play back audio-video sequences. The vulnerability is due to an error in the Windows component responsible for processing AVI files that does not...
Adobe Acrobat and Reader Null Pointer Dereference Denial of Service (APSB15-10: CVE-2015-3047)
A denial of service vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a null pointer dereference. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2015-3048)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while creating a new broker process for the IE EPM sandbox. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Adobe Flash Player Type Confusion (APSB15-09: CVE-2015-3077)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Reader Memory Corruption (APSB15-10: CVE-2015-3046)
Adobe Reader is vulnerable to a memory corruption while parsing data from a PRC stream. A remote attacker could exploit this vulnerability by enticing a victim to open a specially crafted PDF file, which could result in remote code execution with security privileges of the current user...
Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2014-9160)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Reader and Acrobat Memory Corruption (APSB15-10: CVE-2014-9161)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Weak SSL RC4 Cipher Suites (CVE-2013-2566; CVE-2015-2808)
RC4 is a widely supported stream cipher, often preferred by TLS servers and other servers using encrypted sessions. It has long been known to have a variety of cryptographic weaknesses. Recent cryptanalysis results, one of which is the "Bar Mitzvah attack", exploit biases in the RC4 keystream to...
OpenSSL Invalid PSS Parameters Denial of Service (CVE-2015-0208)
A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference when an OpenSSL application receives and processes a crafted certificate containing invalid RSA PSS parameters. A remote, unauthenticated attacker can exploit this vulnerability by sending ...
MIT Kerberos 5 recvauth Denial Of Service (CVE-2014-5355)
A denial of service vulnerability exists in MIT Kerberos 5. The vulnerability occurs when recvauthcommon calls krb5readmessage to receive and process a crafted message causing it to return an invalid string that later causes a NULL pointer dereference or an attempt to read beyond the end of a...
OpenSSL DHE Client Key Exchange Denial of Service (CVE-2015-1787)
A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference that occurs when an OpenSSL application receives and processes a Client Certificate and a crafted Client Key Exchange handshake message.A remote, unauthenticated attacker can exploit this...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1698)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1710)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Clipboard Information Disclosure (MS15-043: CVE-2015-1692)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer, The vulnerability is due to an improper restriction of access to the clipboard of a user who visits a website. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page...
MacKeeper Remote Code Execution
A remote code execution has been reported in MacKeeper. By enticing the user to visit a specially crafted URL, a remote attacker could run arbitrary code on the victim's computer...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1697)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1675)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1686)
A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to JScript and VBScript engines not using Address Space Layout Randomization ASLR security feature when rendered in Internet Explorer. A remote attacker can exploit this issue by...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1695)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1712)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer ASLR Bypass (MS15-043: CVE-2015-1685)
A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper implementation of the Address Space Layout Randomization ASLR security feature. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1714)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1709)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1691)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1658)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1706)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1711)
A use-after-free vulnerability has been reported in Microsoft Internet Explorer which could result in remote code execution. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1689)
A use-after-free vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1696)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1705)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1699)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Microsoft Management Console File Format Denial of Service (MS15-054; CVE-2015-1681)
A denial of service vulnerability has been reported in Microsoft Management Console. The vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information, and then fails to properly validate a destination buffer. A remote attacker can exploit thi...
Microsoft Office Memory Corruption (MS15-046: CVE-2015-1682)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1718)
A use-after-free vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...