13538 matches found
Internet Explorer URLEncoded Characters Information Disclosure - Ver2 (CVE-2002-1186)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)
eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...
SAP Internet Transaction Server Information Disclosure - Ver2 (CVE-2003-0747)
An information disclosure vulnerability has been reported in Sap Internet Transaction Server. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Excel Sheet Name Memory Corruption - Ver2 (CVE-2007-3490)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...
Microsoft HSC URL RemoteCodeExecution (MS04-011) - Ver2 (CVE-2003-0907)
A vulnerability exist in the way Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to run malicious JavaScript code in the security context of "My...
LupperA XMLRPC Propagation Request Code Execution - Ver2 (CVE-2005-1921)
A code execution vulnerability has been reported in Pear XML RPC. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)
A code execution vulnerability has been reported in Microsoft Excel Viewer and Microsoft Excel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Vista Contact Gadget Remote Code Execution - Ver2 (CVE-2007-3032)
A code execution vulnerability has been reported in Microsoft Windows Vista. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Firefox nsTreeRange Use After Free - Ver2 (CVE-2011-0073)
A use-after-free vulnerability has been reported in Mozilla Firefox. The vulnerability is due to an error while handling user-defined functions in JavaScript JS files. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page using an affected version...
Alcatel OmniPCX Office FastJSDatacgi id2 Parameter Command Execution - Ver2 (CVE-2008-1331)
A command execution vulnerability has been reported in Alcatel-Lucent OmniPCX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft Office BMP Header biClrUsed Integer Overflow (MS09-062) - Ver2 (CVE-2009-2518)
Microsoft Office is a popular productivity application suite released by Microsoft Corporation. It includes a word processor, a spreadsheet application, a presentation editor, and a number of other applications and components. The Office Document files used by these applications contain a common...
Internet Explorer HTML Tag Memory Corruption (MS06-013) - Ver2 (CVE-2006-1188)
Microsoft Internet Explorer IE is the most widely used web browser application today. The browser is capable of processing HTML, scripting languages, and interpretation of various other popular Internet specifications. There are numerous versions of the HTML standard that are interpreted by the...
Voodoo Chat index.php file_path Parameter PHP Code Execution - Ver2 (CVE-2006-3991)
A code execution vulnerability has been reported in Voc-project Voodoo Chat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Internet Explorer Malformed GIF File Double Free (MS04-025) - Ver2 (CVE-2003-1048)
The Graphics Interchange Format GIF defines a file format intended for the on-line transmission and interchange of raster graphic data. It uses the LZW compression algorithm to minimize file sizes. A double free vulnerability exists in the way Microsoft Internet Explorer handles images of the GIF...
Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)
A buffer overflow vulnerability has been reported in Apple Quicktime. The vulnerability is due to improper processing of mjpeg movies with an improper jpeg frame size in the stsd atom. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
Microsoft Excel Sheet Object Type Confusion (MS10-017) - Ver2 (CVE-2010-0258)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...
Microsoft Winhlp32 Compressed Phrase Buffer Overflow attack - Ver2 (CVE-2004-1306)
A buffer overflow vulnerability has been reported in Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows NT and Microsoft Windows Server 2003. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...
Oracle HTTP Server Cross-Site Scripting - Ver2 (CVE-2004-2115)
A cross-site scripting vulnerability has been reported in Oracle HTTP Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Microsoft HSC URL Remote Code Execution (MS04-015) - Ver2 (CVE-2004-0199)
A vulnerability exists in the way Microsoft Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to download and execute malicious programs on a...
Mozilla Firefox Proxy Prototype Remote Code Execution (CVE-2014-8636)
A remote code execution vulnerability has been detected in Mozilla Firefox. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page. Successful exploitation would allow an attacker to execute arbitrary code in the user's security context...
VS News System show_news_inc.php newsordner Parameter PHP Code Execution - Ver2 (CVE-2007-1017)
A code execution vulnerability has been reported in Virtualsystem Vs-news-system. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Reader and Acrobat File Extension Buffer Overflow - Ver2 (CVE-2004-0632)
A buffer overflow vulnerability has been reported in Adobe Acrobat and Adobe Acrobat Reader. The vulnerability is due to improper handling of file name extensions. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...
Microsoft HSC URL RemoteCodeExecution (MS04-011) - Ver2 (CVE-2003-0907)
A vulnerability exist in the way Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to run malicious JavaScript code in the security context of "My...
Joomla index.php Multiple Parameter XSS - Ver2 (CVE-2011-2710)
A cross-site scripting vulnerability has been reported in Joomla. The vulnerability is due to the script not validating input appended to the URL or passed via the 'searchword', 'extension', 'asset', 'author' parameters upon submission to the index.php script. Successful exploitation of this...
Oracle Database Client System Analyzer Arbitrary File Upload Code Execution - Ver2 (CVE-2010-3600)
A code execution vulnerability has been reported in Oracle Enterprise Manager Grid Control and Oracle Database Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Word RTF listoverridecount Memory Corruption - Ver2 (CVE-2014-1761)
A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper handling of structures when parsing a specially crafted RTF document. An attacker could exploit this vulnerability by enticing the target user to open a specially crafted RTF file. Successf...
TheWebForum register.php www Parameter XSS - Ver2 (CVE-2006-0134)
A cross-site scripting vulnerability has been reported in TheWebForum. The vulnerability is due to the application not validating the 'www' variable upon submission to the 'register.php' script. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web...
Mozilla Firefox mozgrid Modification Denial of Service - Ver2 (CVE-2006-1738)
A denial-of-service vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird, Mozilla SeaMonkey and Mozilla Suite. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Excel Cell Length Buffer Overflow (MS04-033) - Ver2 (CVE-2004-0846)
Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available in several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...
Adobe Reader JavaScript printSeps Function Heap Corruption (APSB10-28) - Ver2 (CVE-2010-4091)
Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. A heap corruption vulnerability exits in the way Adobe Acrobat and Reader handle specially craft...
CHETCPASSWD System Shadow File Disclosure - Ver2 (CVE-2002-2219)
An information disclosure vulnerability has been reported in CHETCPASSWD. The vulnerability may potentially cause the tail end of the local shadow file to be disclosed to a remote attacker...
HPUX LPD Metacharacter Command Execution - Ver2 (CVE-2005-3277)
A command execution vulnerability has been reported in HP-UX family of operating systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Drupal Core XML-RPC Endpoint xmlrpc.php Internal Entity Expansion Denial of Service - Ver2 (CVE-2014-5265)
A denial of service vulnerability has been reported in Drupal Core. This can cause a very high CPU load and memory exhaustion. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service on the vulnerable system...
Microsoft Windows Schannel Remote Code Execution - Ver2 (CVE-2014-6321)
A code execution vulnerability has been reported in Secure Channel Schannel security package. An attacker could exploit this vulnerability by sending specially crafted packets to a Windows server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...
Mozilla Firefox Floating Layer Column Layout Denial of Service - Ver2 (CVE-2007-0775)
A denial-of-service vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Adobe Reader JPEG2000 Region of Interest Memory Corruption (APSB10-02) - Ver2 (CVE-2009-3955)
Portable Document Format PDF is an open file format created by Adobe Systems. A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to the way Adobe Reader and Acrobat parse a PDF file containing a malformed Jp2c stream of a JpxDecode encoded da...
MySQL and MariaDB Incorrect Cast Policy Bypass - Ver2 (CVE-2012-2122)
An incorrect cast has been reported in MySQL and MariaDB. The vulnerability is due to the reliance on memcpy returning a value between -128 and 127. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly trying to connect to the affected database service...
Microsoft Windows 2000 Domain Authentication Bypass attack - Ver2 (CVE-2004-0540)
An authentication bypass vulnerability has been reported in Microsoft Windows 2000. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
Check Point Firewall-1 HTTP Parsing Format String Code Execution - Ver2 (CVE-2004-0039)
A code execution vulnerability has been reported in Checkpoint Firewall-1. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
BitDefender Antivirus Logging Function Format String - Ver2 (CVE-2005-3154)
The SOFTWIN BitDefender Antivirus AV product is an anti-virus scanner capable of on-demand as well as email scanning operations. The AV scanner logs by default all results of scans that it performs on the host machine. The logs include positive as well negative virus pattern matches. There exists...
Mozilla Firefox XSL Transformation Memory Corruption - Ver2 (CVE-2009-1169)
Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs on the Windows,...
Internet Explorer HTML Help Remote Code Execution (MS05-001) - Ver2 (CVE-2004-1043)
Microsoft Internet Explorer executes with the concept of security zones, which enables the browser to apply different security policies based on the origin of the file that is being rendered. For instance, separate restrictions may be set for remote content and for local content. As a rule,...
Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)
A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet...
Adobe Flash Player Use After Free Remote Code Execution (APSB15-05: CVE-2015-0342)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Player Memory Corruption (APSB15-05: CVE-2015-0335)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
CVSTrac FileDiff v2 Parameter Command Execution - Ver2 (CVE-2004-1456)
A command execution vulnerability has been reported in CVSTrac. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
AlienVault OSSIM av-centerd Util.pm remote_task Arbitrary Command Execution - Ver2 (CVE-2014-5210)
The vulnerability is due to a failure to safely sanitize remotetask SOAP requests within Util.pm. this vulnerability can be exploit by sending crafted requests to the affected service. Successful exploitation could result in arbitrary command execution with root privileges...
Microsoft Windows Vista Feed Headlines Gadget Code Execution (MS07-048) - Ver2 (CVE-2007-3033)
Gadgets are mini applications with a variety of possible uses. They can connect to web services to deliver business data, weather information, news updates, traffic maps, Internet radio streams, and even slide shows of on-line photo albums. Windows Vista is shipped with a set of gadgets, includin...
Mozilla Firefox SVG pathSegListgetItem Negative Argument Memory Corruption - Ver2 (CVE-2007-2867)
A memory corruption vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft XML Signature HMAC Truncation Bypass (MS10-041) - Ver2 (CVE-2009-0217)
The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. A tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without...