13538 matches found
Microsoft Scripting Runtime Object Library Use-After-Free Code Execution (MS13-099) - Ver2 (CVE-2013-5056)
A remote code execution vulnerability has been reported in the Microsoft Scripting Runtime Object Library. The vulnerability is caused due to an error in the way Microsoft Scripting Runtime Object Library handles objects in memory. A remote attacker can exploit this issue by enticing a user to op...
Microsoft Fax Cover Page Editor Buffer Overflow - Ver2 (CVE-2010-4701)
A heap buffer overflow vulnerability has been discovered in Microsoft Windows Fax Services. The Windows Fax Service is a component that allows a Windows system to act as a Fax server. One of the tools within this fax suite is the Fax Console, which allows a user to monitor the sending and receivi...
Apache HTTP Server mod_dav MERGE Request Denial of Service - Ver2 (CVE-2013-1896)
A denial of service vulnerability has been reported in the moddav component of Apache HTTP Server. The vulnerability is due to a NULL pointer dereference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker can send a crafted HTTP...
Microsoft Active Directory LDAP Modify Request Buffer Overflow (MS07-039) - Ver2 (CVE-2007-0040)
Lightweight Directory Access Protocol LDAP is Internet standard protocol designed for querying and modifying directory services. Multiple vulnerabilities have been reported in Microsoft Windows Active Directory. The flaws are in the way the Active Directory handles LDAP requests. The...
Windows Explorer (explorer.exe) AVI Right Click Denial of Service - Ver2 (CVE-2007-0562)
A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Excel Obj BIFF Record Boundary Access (MS11-045) - Ver2 (CVE-2011-1272)
Microsoft Excel is a popular spreadsheet application. A vulnerability has been identified in Microsoft Excel. A remote attacker could exploit this issue via a malformed Excel file. A remote code execution vulnerability exists in the way that Microsoft Excel handles specially crafted Excel files. ...
OpenSSL TLS Connection Record Handling Denial of Service - Ver2 (CVE-2010-0740)
OpenSSL is an open-source library that implements Secure Sockets Layer SSL and Transport Layer Security TLS protocol functionality. A remote attacker may exploit this vulnerability to create a denial of service condition. The vulnerability is due to an error in the OpenSSL ssl3getrecord function...
Chicken of the VNC Hostname Size Denial of Service - Ver2 (CVE-2007-0756)
A denial-of-service vulnerability has been reported in Chicken Of The Vnc Chicken Of The Vnc. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Symantec Workspace Streaming XML-RPC Arbitrary File Upload - Ver2 (CVE-2014-1649)
An arbitrary file upload vulnerability has been reported in Symantec Workspace. The vulnerability is due to lack of access control validation in the functionality used to process XMLRPC requests. A remote unauthenticated attacker could exploit this vulnerability by a sending specially crafted...
Internet Explorer RDSDataControlURL DoS - Ver2 (CVE-2006-3510)
A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Office Art Drawing Records Code Execution (MS10-087) - Ver2 (CVE-2010-3334)
Microsoft Office is an office suite of inter-related desktop applications, servers and services for the Microsoft Windows and Mac OS X operating systems. A remote attacker could exploit this issue via a malformed Office file. Successful exploitation of this vulnerability may allow execution of...
LCDProc test_func_func Format String Code Execution - Ver2 (CVE-2004-1917)
A code execution vulnerability has been reported in Lcdproc. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache 2 mod_ssl Connection Abort Denial of Service possible attack - Ver2 (CVE-2004-0748)
A denial-of-service vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Novell eDirectory evtFilteredMonitorEventsRequest Invalid free Code Execution - Ver2 (CVE-2006-4510)
A code execution vulnerability has been reported in Novell eDirectory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Internet Explorer XML Object Type Validation Code Execution - Ver2 (CVE-2003-0809)
A code execution vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DNS Server RPC Management Interface Buffer Overflow (MS07-029) - Ver2 (CVE-2007-1748)
The DNS server service is a component that provides name resolution services to a network.A buffer overflow vulnerability has been reported in the Microsoft Windows Domain Name System DNS Server services.An attacker may exploit this vulnerability to execute arbitrary code on a target system via a...
MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference - Ver2 (CVE-2009-0846)
MIT Kerberos V5 is an implementation of the Kerberos protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. The MIT Kerberos V5 server utilizes the encrypted SUN-RPC protocol to communicate with its remote...
Microsoft Graphics Component Memory Corruption (MS14-007) - Ver2 (CVE-2014-0263)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted GIF files. A remote attacker can exploit this issue by enticing a user to view GIF files in shared content. Successful exploitatio...
Internet Explorer Event Handling Memory Corruption (MS10-071) - Ver2 (CVE-2010-3326)
Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this issue, an attacker may create a malicious web page that will...
HP Data Protector Opcode 45 and 46 Code Execution - Ver2 (CVE-2013-2348)
Multiple vulnerabilities have been reported in HP Data Protector. Both vulnerabilities are due to insufficient input validation on a string supplied with a message containing opcodes 45 or 46. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...
Internet Explorer Center Element Remote Code Execution (MS12-037) - Ver2 (CVE-2012-1523)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a...
Microsoft WINS Service Memory Overwrite Buffer Overflow - Ver2 (CVE-2004-0567)
A buffer overflow vulnerability has been reported in Microsoft Windows Server 2003, Microsoft Windows 2000 and Microsoft Windows NT. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Windows Secure Sockets Layer Version 3.0 - Ver2 (CVE-2004-0120)
Secure Socket Layer SSL is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...
MostGear Soft EasyLan Folder Share 320100 Activation Denial of Service - Ver2 (CVE-2013-6079)
A denial-of-service vulnerability has been reported in Mostgear Easy Lan Folder Share. An attacker could exploit this vulnerability via a long string in the registration code field in the activate license window or the HKLMSOFTWAREMostGearEasyLanFolderShareV1License registry key. Successful...
Microsoft Windows WebDav Mini-Redirector Heap Buffer Overflow (MS08-007) - Ver2 (CVE-2008-0080)
Web Distributed Authoring and Versioning WebDAV is a set of extensions for HTTP that allows allow clients to publish, lock, and manage resources on the Web. . The vulnerability is due to an error in the Microsoft Windows WebDAV Mini-Redirector that fails to properly handle malformed WebDAV...
Microsoft SChannel TLSv1 Denial of Service (MS10-085) - Ver2 (CVE-2010-3229)
The Secure Channel SChannel security package is a Security Support Provider SSP that implements the Secure Sockets Layer SSL and Transport Layer Security TLS Internet standard authentication protocols. SChannel is part of the security package that helps provide an authentication service to provid...
Novell Groupwise Addressbook Integer Overflow - Ver2 (CVE-2012-0418)
A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...
Microsoft PowerPoint Converter TPrint Record Handling Error (MS09-017) - Ver2 (CVE-2009-0227)
Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafte...
Joomla Component com_webring Remote File Inclusion - Ver2 (CVE-2006-4129)
A file inclusion vulnerability has been reported in Joomla Webring Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Siemens Gigaset SE361 WLAN Remote Reboot Exploit Denial of Service - Ver2 (CVE-2009-3322)
A denial-of-service vulnerability has been reported in Siemens Gigaset SE361 WLAN router. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Wireshark LWRES Dissector getaddrsbyname Buffer Overflow - Ver2 (CVE-2010-0304)
A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to insufficient boundary checking in the getaddrsbyname method. A remote attacker may exploit this vulnerability by sending an overly long string parameter to this method. Successful exploitation would allow...
CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)
Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...
Dell OpenManage Web Server Buffer Overflow - Ver2 (CVE-2004-0331)
A buffer overflow vulnerability exist in Dell's OpenManage Web Server. The vulnerability is due to an boundary error when handling application parameter. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server...
UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)
UltraVNC is an open source client/server remote control application which uses the Virtual Network Computing VNC protocol. The VNC protocol allows a user to control a remote host by sending mouse and keyboard events, and receiving screen and sound updates. UltraVNC offers several extra features a...
Apple Computer Finder DMG Volume Name Memory Corruption - Ver2 (CVE-2007-0197)
Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...
Multiple Products Directory Server LDAP Buffer Overflows - Ver2 (CVE-2006-0717)
An error was found in the way several LDAP servers from several vendors handle malformed LDAP requests. This can be exploited to crash the service via a specially-crafted request sent to the LDAP server port...
Malware evasion Security Bypass - Ver2 (CVE-2012-1427)
A security bypass vulnerability has been reported in Cat Quick HealCat Quick Heal. An attacker could exploit this vulnerability via a POSIX TAR file with a 57696E5A6970 character sequence at a certain location. Successful exploitation of this vulnerability would allow remote attackers to bypass...
Microsoft Web Services on Devices API Memory Corruption (MS09-063) - Ver2 (CVE-2009-2512)
The WSDAPI is an implementation of the Devices Profile for Web Services DPWS for Windows Vista and Windows Server 2008. The DPWS constrains Web Services specifications so that clients can easily discover devices. A remote code execution vulnerability has been reported in the Web Service on Device...
Mozilla Firefox Design Mode Deleted Style Reference Memory Corruption - Ver2 (CVE-2007-3734)
A memory corruption vulnerability has been reported in Mozilla Firefox and Mozilla Thunderbird. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
RealNetworks HELIX Server Denial of Service - Ver2 (CVE-2004-0389)
A denial-of-service vulnerability has been reported in Realnetworks Helix Universal Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Pegasus Imaging ImagXpress ActiveX File Directory Traversal - Ver2 (CVE-2007-5320)
A directory traversal vulnerability has been reported in Pegasus Imaging Imagxpress. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the affected system...
CA ARCserve D2D GWT RPC Request Credentials Disclosure - Ver2 (CVE-2011-3011)
A credentials disclosure vulnerability has been reported in CA ARCserve D2D. The vulnerability is due to an error while processing Google Web Toolkit GWT RPC requests. A remote attacker can exploit this vulnerability by sending a specially crafted RPC request to an affected server. Successful...
Dell OpenManage Web Server Buffer Overflow - Ver2 (CVE-2004-0331)
A buffer overflow vulnerability exist in Dell's OpenManage Web Server. The vulnerability is due to an boundary error when handling application parameter. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server...
Microsoft Office Project Memory Validation Remote Code Execution (MS09-074) - Ver2 (CVE-2009-0102)
Microsoft Project is a project management software program designed to assist project managers to stay informed, keep project teams aligned, increase productivity and control project work, schedules, and finances. A remote code execution vulnerability has been identified in the way Microsoft...
Joomla Component com_webring Remote File Inclusion - Ver2 (CVE-2006-4129)
A file inclusion vulnerability has been reported in Joomla Webring Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVS Max-dotdot Protocol Command Integer Overflow - Ver2 (CVE-2004-0417)
Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...
UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)
UltraVNC is an open source client/server remote control application which uses the Virtual Network Computing VNC protocol. The VNC protocol allows a user to control a remote host by sending mouse and keyboard events, and receiving screen and sound updates. UltraVNC offers several extra features a...
CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)
Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...
Microsoft Graphics Device Interface Integer Overflow - Ver2 (CVE-2013-3940)
An integer overflow vulnerability has been reported in the way that the Windows Graphics Device Interface GDI processes specially crafted image files. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted Windows Write file. Successful exploitation of this...
Apache HTTP Server mod_deflate Denial of Service - Ver2 (CVE-2014-0118)
A denial of service vulnerability exists in Apache HTTP server. The vulnerability exists in the moddeflate module and is due to a resource exhaustion that is related to request body decompression configuration. A remote, unauthenticated attacker can leverage this vulnerability by sending a...