13538 matches found
g01pack Exploit Kit Remote Code Execution
g01pack exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with g01pack exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware t...
Sophos Web Appliance SophosConfig Write Command Execution (CVE-2014-2850)
A command execution vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to an error in the sanitization function. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a request...
Mozilla Firefox generateCRMFRequest Remote Code Execution (CVE-2012-3993; CVE-2013-1710)
A remote code execution vulnerability has been reported in Mozilla Firefox. The Chrome Object Wrapper COW implementation does not properly interact with failures of InstallTrigger methods. By exploiting this, remote attacker could execute arbitrary JavaScript code with chrome privileges via a...
TLS Invalid Cipher Suites Denial of Service
A denial of service vulnerability has been reported in servers using TLS protocol. The vulnerability is due to the server's inability to handle Invalid TLS cipher suites. Remote attackers can exploit this issue by sending specially crafted cipher suites to an affected server...
Adobe Flash Player Buffer Overflow Arbitrary Code Execution (CVE-2014-0515)
An arbitrary code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a buffer overflow while handling specially crafted SWF files. A remote attacker can exploit this vulnerability to execute arbitrary files on the victim's computer...
Sophos Web Appliance change_password Admin Password Privilege Escalation (CVE-2014-2849)
A privilege escalation vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to errors in a changepassword request when handling user input. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a changepassword request...
Vortex Media Group Light Alloy M3U File Handling Buffer Overflow (CVE-2013-6874)
A stack buffer overflow vulnerability has been reported in Light Alloy media player. The vulnerability is due to a lack of boundary check when handling M3U files. Successful exploitation could allow arbitrary code execution in the context of the target user...
McAfee Asset Manager ReportsAudit.jsp Input Validation Error (CVE-2014-2587)
An input validation error vulnerability has been reported in McAfee Asset Manager. The vulnerability is due to insufficient input validation on the "user" parameter of "ReportsAudit.jsp". A remote authenticated attacker can exploit this vulnerability to execute SQL commands on the underlying...
Novell ZENworks Configuration Management PreBoot Directory Traversal (CVE-2013-3706)
A directory traversal vulnerability has been reported in Novell ZENworks Configuration Manager. The vulnerability is due to the preboot service which supports an opcode that allows files to be downloaded through directory traversal. A remote attacker can exploit this vulnerability to disclose the...
Microsoft Internet Explorer Remote Code Execution (CVE-2014-1776)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. A remote attacker can exploit this vulnerability by enticing users t...
Apache Struts ParametersInterceptor ClassLoader Security Bypass (CVE-2014-0094; CVE-2014-0112; CVE-2014-0113; CVE-2014-0114)
A security bypass vulnerability exists in Apache Struts. The vulnerability is due to inadequate validation of data processed by ParametersInterceptor allowing for manipulation of the ClassLoader. A remote attacker could exploit this vulnerability by providing a class parameter in a request...
Microsoft Windows File Handling Component Remote Code Execution (MS14-019; CVE-2014-0315)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is caused by Windows improperly restricting the path used for processing .bat and .cmd files. A remote attacker could trigger this flaw by placing a malicious executable in the working directory e.g. a...
Microsoft Windows ME Operating System
Windows ME is an older version of Microsoft Windows. Microsoft ended the support for Windows ME operating system on July 2006...
Microsoft Windows XP Operating System
Windows XP is an older version of Microsoft Windows. Microsoft ended the support for Windows XP operating system on April 8th 2014. As a result computers using the OS might become more vulnerable to security risks and viruses. There are cases in which certain traffic, although not intended for...
Microsoft Windows 98 Operating System
Windows 98 is an older version of Microsoft Windows. Microsoft has ended the support for Windows 98 operating system on July 11th 2006. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Microsoft Windows 2000 Operating System
Windows 2000 is an older version of Microsoft Windows. Microsoft has ended the support for Windows 2000 operating system on July 13th 2010. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by I...
Microsoft Windows NT 4.0 Operating System
Windows NT 4.0 is an older version of Microsoft Windows. Microsoft ended the support for Windows NT 4.0 operating system on 2004. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Microsoft Windows 3.11 Operating System
Windows 3.11 is an older version of Microsoft Windows. Microsoft ended the support for Windows 3.11 operating system on December 2001. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Microsoft Windows 95 Operating System
Windows 95 is an older version of Microsoft Windows. Microsoft ended the support for Windows 95 operating system on December 2001. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Nokia PC Suite Video Manager Buffer Overflow - Ver2 (CVE-2012-2442)
A buffer overflow vulnerability has been reported in Nokia Pc Suite. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Internet Explorer vtable Use After Free Memory Corruption - Ver2 (CVE-2013-0021)
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...
Microsoft Excel Column Record Handling Memory Corruption (MS07-002) - Ver2 (CVE-2007-0030)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...
Mozilla Browsers JavaScript Navigator Object Memory Corruption - Ver2 (CVE-2006-3677)
Mozilla Firefox and Seamonkey are very popular open source web browsers from Mozilla Foundation, based on the Mozilla Suite code base. The browser is an application designed for tasks related to web browsing, such as displaying HTML pages, downloading files, rendering different media, and so on...
Microsoft Excel File Format OBJECTLINK Record Memory Corruption - Ver2 (CVE-2012-0142)
A memory corruption vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...
Windows Explorer WMF Unspecified Denial of Service - Ver2 (CVE-2007-1090)
A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Excel EntExU2 Record Memory Corruption - Ver2 (CVE-2010-0257)
A memory corruption inclusion vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to...
Microsoft Word Malformed Data Structures Memory Corruption - Ver2 (CVE-2006-6456)
A memory corruption vulnerability has been reported in Microsoft Office Word. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple Quicktime for Windows QTPlugin.ocx ActiveX Control Set Buffer Overflow - Ver2 (CVE-2008-0778)
A buffer overflow vulnerability has been reported in Apple Quicktime. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Visual Basic FlexGrid ActiveX Control Rows Parameter Memory Corruption - Ver2 (CVE-2008-4254)
A memory corruption vulnerability has been reported in Microsoft Visual Basic. An attacker could exploit this vulnerability crafted Rows and Cols properties to the ExpandAll and CollapseAll methods, related to access of incorrectly initialized objects and corruption of the system state. Successfu...
Microsoft Office Excel Graphic Object Dereferencing Code Execution - Ver2 (CVE-2011-0977)
A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly handle dereferencing data structures when parsing a specially crafted Office file that contains graphic objects. Successful exploitatio...
Macromedia Shockwave swdir.dll ActiveX Control Remote Stack Buffer Overflow - Ver2 (CVE-2007-1403)
A buffer overflow vulnerability has been reported in Macromedia Shockwave. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft PowerPoint Converter GuideAtom Record Handling Error (MS09-017) - Ver2 (CVE-2009-0225)
Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A memory corruption vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafted...
Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)
Microsoft Word is a document authoring product released by the Microsoft Corporation. A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. A remote attacker could exploit this vulnerabili...
Internet Explorer ActiveX Navigate Handling Code Execution (MS08-073) - Ver2 (CVE-2008-4258)
Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Internet Explorer that fails to properly validate parameters made during a method call in the...
Microsoft Publisher Out-of-bounds Array Index Code Execution (MS11-091) - Ver2 (CVE-2011-3410)
A remote code execution vulnerability has been reported in Microsoft Publisher. The vulnerability is caused when Microsoft Publisher does not properly handle values in memory while parsing specially crafted Publisher files. A remote attacker may exploit this vulnerability by convincing a user to...
Apple QuickDraw PICT Images ARGB Records Handling Memory Corruption - Ver2 (CVE-2007-0462)
A memory corruption vulnerability has been reported in QuickDraw. The vulnerability is due to improper handling of PICT image files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PointDev IDEAL Migration and Administration Buffer Overflow - Ver2 (CVE-2009-4265)
A buffer overflow vulnerability has been reported in Pointdev Ideal Administration. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft PowerPoint Integer Underflow Heap Corruption Code Execution - Ver2 (CVE-2010-2573)
A code execution vulnerability has been reported in Microsoft Office PowerPoint. The vulnerability is due to an integer underflow in Microsoft PowerPoint that fails to properly parse specially crafted PowerPoint file. Successful exploitation of this vulnerability could allow a remote attacker to...
Microsoft Office FORMAT Record Code Execution - Ver2 (CVE-2008-3005)
A code execution vulnerability has been reported in Microsoft Office. An attacker could exploit this vulnerability an Excel file with a crafted array index for a FORMAT record. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...
Adobe Acrobat authplay.dll Memory Corruption - Ver2 (CVE-2009-1862)
A memory corruption vulnerability has been reported in Adobe Acrobat, Adobe Acrobat Reader and Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Excel Record Parsing Code Execution - Ver2 (CVE-2011-3403)
A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to improper handling of certain records in Microsoft Excel while parsing malformed Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...
Microsoft Excel FNGROUPNAME Record Uninitialized Memory Code Execution - Ver2 (CVE-2010-0262)
A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitra...
SMF Forum smf.php mosConfig_absolute_path Parameter PHP Code Execution - Ver2 (CVE-2006-3773)
A code execution vulnerability has been reported in Mambo Smf-forum. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Excel SERIES Record Parsing Code Execution (MS12-030) - Ver2 (CVE-2012-1847)
A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Exc...
Novell iPrint Client ActiveX GetPrinterURLList2 Memory Corruption - Ver2 (CVE-2011-4185)
A memory corruption vulnerability has been reported in Novell iPrint Client ActiveX control. The vulnerability is due to improper validation of user-supplied string parameters. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...
Macromedia Shockwave SWDIR.SLL ActiveX Denial of Service - Ver2 (CVE-2006-6885)
A denial-of-service vulnerability has been reported in Macromedia Shockwave. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Excel Version Information Handling Code Execution (MS07-036) - Ver2 (CVE-2008-0081)
Microsoft Excel is a popular spreadsheet application. Multiple vulnerabilities have been identified in Microsoft Excel. A remote attacker could exploit these issues via a malformed Excel file. Successful exploitation of these vulnerabilities may allow execution of arbitrary code on a target syste...
ProShow Gold file based Buffer Overflow - Ver2 (CVE-2009-3214)
A buffer overflow vulnerability has been reported in Photodex Proshow Gold. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Outlook AttachMethods Remote Code Execution - Ver2 (CVE-2010-0266)
A code execution inclusion vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fails to properly verify the file extension of an attachment in a specially crafted e-mail message. Successful exploitation of this...
Microsoft Word Access Violation Code Execution - Ver2 (CVE-2011-1983)
A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...