13538 matches found
CVSTrac FileDiff v2 Parameter Command Execution - Ver2 (CVE-2004-1456)
A command execution vulnerability has been reported in CVSTrac. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
AlienVault OSSIM av-centerd Util.pm remote_task Arbitrary Command Execution - Ver2 (CVE-2014-5210)
The vulnerability is due to a failure to safely sanitize remotetask SOAP requests within Util.pm. this vulnerability can be exploit by sending crafted requests to the affected service. Successful exploitation could result in arbitrary command execution with root privileges...
Microsoft Windows Vista Feed Headlines Gadget Code Execution (MS07-048) - Ver2 (CVE-2007-3033)
Gadgets are mini applications with a variety of possible uses. They can connect to web services to deliver business data, weather information, news updates, traffic maps, Internet radio streams, and even slide shows of on-line photo albums. Windows Vista is shipped with a set of gadgets, includin...
Mozilla Firefox SVG pathSegListgetItem Negative Argument Memory Corruption - Ver2 (CVE-2007-2867)
A memory corruption vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft XML Signature HMAC Truncation Bypass (MS10-041) - Ver2 (CVE-2009-0217)
The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. A tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without...
EMC AlphaStor Device Manager Command Injection Improved performance - Ver2 (CVE-2013-0928)
A command injection vulnerability has been reported in EMC AlphaStor Device Manager. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a malicious request containing a specially crafted parameter to the target server. Successful...
Oracle Web Cache Admin Module Multiple GET Request Method DoS - Ver2 (CVE-2002-0386)
A denial-of-service vulnerability has been reported in Oracle Application Server. An attacker could exploit this vulnerability via an HTTP GET request containing a ". Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affecte...
GNOME Vino VNC Server Denial of Service - Ver2 (CVE-2013-5745)
A denial of service vulnerability exists in GNOME Vino VNC Server. The vulnerability is caused by an infinite loop error in the rfbProcessClientMessage function in rfbserver.c.The vulnerability is due to improper handling of input which results in a loop with an unreachable exit condition.A remot...
Microsoft Windows Remote Desktop Protocol Code Execution (MS12-020) - Ver2 (CVE-2012-0002)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way that the Remote Desktop Protocol RDP accesses an object in memory that has been improperly initialized or has been deleted. A remote attacker may exploit this issue by...
Mozilla Firefox Download Directory File Deletion - Ver2 (CVE-2004-2225)
A vulnerability in the way Mozilla Firefox handles file download operations has been reported. The vulnerability is triggered when a victim saves a remote resource that uses a specific scheme. An attacker could exploit this vulnerability to remove files in the user download directory...
Apache HTTP Server mod_rewrite RewriteLog Command Execution - Ver2 (CVE-2013-1862)
A command execution vulnerability has been reported in Apache HTTP web server modrewrite. The vulnerability is due to a lack of input validation in handling certain escape sequences when writing to the log file. A remote attacker can exploit these vulnerabilities by sending a specially crafted HT...
Microsoft Internet Explorer Malformed BMP File Buffer Overrun Code Execution - Ver2 (CVE-2004-0566)
A code execution vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Internet Explorer onCellChange Event Memory Corruption (MS11-003) - Ver2 (CVE-2011-0035)
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted when parsing specially crafted Web content. . To trigger this issue, an attacker...
Microsoft Office Double Delete Remote Code Execution (MS14-069) - Ver2 (CVE-2014-6333)
A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is due to an error in Microsoft Word while parsing a specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted document with an affected versi...
McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite - Ver2 (CVE-2005-3657)
The McAfee Security Center application is meant to allow users to set preferences and settings for numerous installed McAfee components and services, such as the anti-virus component VirusScan, the Personal Firewall Plus, the Privacy Service, or the SpamKiller component. The Security Control Cent...
WebGate WESPSDK WESPDiscovery Stack Buffer Overflow (CVE-2015-2100)
A code execution vulnerability exists in WebGate WESPSDK that is shipped with multiple WebGate products. The vulnerability is due to a stack buffer overflow in the TCPDiscovery and TCPDiscovery2 methods of the WESPDiscovery.WESPDiscoveryCtrl ActiveX control. A remote attacker could exploit this...
Linux Kernel nfsd CAP_MKNOD Security Bypass - Ver2 (CVE-2009-1072)
Linux is a popular open-source operating system in which the kernel and other programs related to the operating systems are developed by a group of volunteers. The Linux kernel supports a great number of features, including networking, file system, graphics protocols and standards. A security...
Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - Ver2 (CVE-2001-0241)
A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...
Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)
A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet...
Microsoft HSC URL Remote Code Execution (MS04-015) - Ver2 (CVE-2004-0199)
A vulnerability exists in the way Microsoft Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to download and execute malicious programs on a...
Mozilla Firefox mozgrid Modification Denial of Service - Ver2 (CVE-2006-1738)
A denial-of-service vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird, Mozilla SeaMonkey and Mozilla Suite. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
ILife Photocast XML Title Format String Code Execution - Ver2 (CVE-2007-0051)
A code execution vulnerability has been reported in Apple iPhoto. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CUPS Malformed Traversal HTTP Request DOS - Ver2 (CVE-2005-2874)
A denial-of-service vulnerability has been reported in Easy Software Products Cups. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
BitDefender Antivirus Logging Function Format String - Ver2 (CVE-2005-3154)
The SOFTWIN BitDefender Antivirus AV product is an anti-virus scanner capable of on-demand as well as email scanning operations. The AV scanner logs by default all results of scans that it performs on the host machine. The logs include positive as well negative virus pattern matches. There exists...
Microsoft DirectShow Size Validation Remote Code Execution (MS09-028) - Ver2 (CVE-2009-1539)
Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The vulnerability is due to an error in the Microsoft DirectShow component that fails to properly validate certain size fields within...
Drupal Core XML-RPC Endpoint xmlrpc.php Internal Entity Expansion Denial of Service - Ver2 (CVE-2014-5265)
A denial of service vulnerability has been reported in Drupal Core. This can cause a very high CPU load and memory exhaustion. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service on the vulnerable system...
Sami HTTP Server GET Request Denial of Service - Ver2 (CVE-2007-0548)
A denial-of-service vulnerability has been reported in Karjasoft Sami HTTP Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Ingres Database Communications Server Component Heap Buffer Overflow - Ver2 (CVE-2007-3334)
Ingres developed a relational database product named Ingres Database. Ingres Database is made available for both Windows and Unix-like platforms. The product is embedded by other software vendors such as Computer Associates CA. A heap buffer overflow vulnerability exists in Ingres Database...
Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)
A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet...
McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite - Ver2 (CVE-2005-3657)
The McAfee Security Center application is meant to allow users to set preferences and settings for numerous installed McAfee components and services, such as the anti-virus component VirusScan, the Personal Firewall Plus, the Privacy Service, or the SpamKiller component. The Security Control Cent...
Microsoft RPCSS Denial of Service RPCSYSAC badUNClen - Ver2 (CVE-2004-0116)
A denial-of-service vulnerability has been reported in Microsoft Windows XP, Microsoft Windows 2000 and Microsoft Windows Server 2003. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Anzeigenmarkt 2011 index.php q Parameter SQL Injection - Ver2 (CVE-2011-1667)
An SQL injection vulnerability has been reported in Xmedien Anzeigenmarkt. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Microsoft Internet Explorer Data Binding Memory Corruption - Ver2 (CVE-2008-4844)
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple QuickTime PICT Image Parsing Malformed Records - Ver2 (CVE-2009-0010)
Apple QuickTime is a multimedia player that supports a wide range of media formats. A buffer overflow vulnerability has been reported in Apple QuickTime. A remote attacker can exploit this vulnerability via a specially crafted PICT file - an image file format that can be processed by the QuickTim...
Microsoft DirectShow MPEG 3 Channel Mode Memory Corruption - Ver2 (CVE-2010-1882)
A memory corruption vulnerability has been reported in Microsoft Windows XP, Microsoft Windows Server 2003 x64 64-bit and Microsoft Windows Server 2003. An attacker could exploit this vulnerability via an MPEG Layer-3 audio stream in a crafted media file or crafted streaming content. Successful...
Microsoft Office Bad Index Remote Code Execution (MS14-069) - Ver2 (CVE-2014-6334)
A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is due to an error in Microsoft Word while parsing a specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted document with an affected versi...
GrapAgenda index.php page Parameter PHP Code Execution - Ver2 (CVE-2006-4610)
A code execution vulnerability has been reported in Graphiks Grapagenda. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Browser Embedded Media Player Memory Corruption (MS10-082) - Ver2 (CVE-2010-2745)
Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in the Windows Media Player that improperly...
ISC BIND EDNS Option Processing Denial of Service - Ver2 (CVE-2014-3859)
A denial of service vulnerability has been reported in ISC BIND. The vulnerability is caused by an assertion failure when processing the EDNS option. A remote attacker may exploit this vulnerability by sending a specially crafted query to the affected servers. Successful exploitation would result...
SOAPUI Remote Code Execution - Ver2 (CVE-2014-1202)
A code execution vulnerability has been reported in Eviware SoapUI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows AVI Processing Malformed Header Code Execution (MS09-038) - Ver2 (CVE-2009-1545)
Audio Video Interleave AVI is a special case of Resource Interchange File Format RIFF. This file type used with applications that capture, edit, and play back audio-video sequences. A remote code execution vulnerability has been discovered in the way Microsoft Windows handles specially crafted AV...
Apple Safari KWQListIteratorImpl HTML Tag Handling DoS - Ver2 (CVE-2006-1986)
A denial-of-service vulnerability has been reported in Apple Safari. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Ultra Mini HTTPD Resource Name Request Handling Stack Buffer Overflow - Ver2 (CVE-2013-5019)
A buffer overflow vulnerability has been reported in Vector Ultra Mini HTTPD. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Internet Explorer HTML Help Remote Code Execution (MS05-001) - Ver2 (CVE-2004-1043)
Microsoft Internet Explorer executes with the concept of security zones, which enables the browser to apply different security policies based on the origin of the file that is being rendered. For instance, separate restrictions may be set for remote content and for local content. As a rule,...
Persistent Systems Radia Client Automation Command Execution - Ver2 (CVE-2015-1497)
A command execution vulnerability exists in Persistent Systems Radia Client Automation. The vulnerability is due to missing authentication while processing requests to the radexecd process. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affecte...
Zavio IP Camera Firmware 1603 OS Command Injection - Ver2 (CVE-2013-2570)
A command injection vulnerability has been reported in Zavio F3105 and F312A IP cameras. The vulnerability is due to an input passed via the 'General.Time.NTP.Server' function, when parameter is not properly sanitized upon submission to the subC8C8 function in /opt/cgi/view/param. Successful...
Microsoft Windows Graphics Rendering Engine Buffer Overflow (MS04-032) - Ver2 (CVE-2004-0209)
The Microsoft Windows Metafile Format WMF is used to store pictures and other graphical renderings as either vector or bitmap-format graphical data. The vector data stored in WMF files is described as Microsoft Windows Graphics Device Interface GDI commands. The WMF format is the original 16-bit...
Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)
eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...
Microsoft Windows Task Scheduler Buffer Overflow attack - Ver2 (CVE-2004-0212)
A buffer overflow vulnerability has been reported in Microsoft Windows. A remote attacker can cause arbitrary code execution resulting in a loss of integrity using a specially crafted .job file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code ...
Lotus Notes URI Handler Argument Injection - Ver2 (CVE-2004-0480)
A code execution vulnerability has been reported in IBM Lotus Notes. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...