13538 matches found
Wim Fleischhauer Docpile INIT_PATH Parameter PHP Code Execution - Ver2 (CVE-2006-4076)
A code execution vulnerability has been reported in Wim Fleischhauer Docpile. An attacker could exploit this vulnerability via a URL in the INITPATH parameter to lib/access.inc.php, lib/folders.inc.php, lib/init.inc.php or lib/templates.inc.php. Successful exploitation of this vulnerability could...
Microsoft Word RTF Stylesheet Control Word Memory Corruption - Ver2 (CVE-2008-4031)
A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in Microsoft Word that fails to properly handle malformed Rich Text Format. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on t...
Windows URI Handling Arbitrary Code Execution - Ver2 (CVE-2007-5020)
A code execution vulnerability has been reported in Adobe Acrobat and Adobe Acrobat Reader. An attacker could exploit this vulnerability via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. Successful exploitation of this vulnerability could allow a remote...
Microsoft Access Snapshot Viewer ActiveX Control Arbitrary File Download - Ver2 (CVE-2008-2463)
Microsoft Snapshot Viewer is an application that allows viewing of snapshots created with any version of Microsoft Access. A remote code execution vulnerability has been discovered in the Snapshot Viewer for Microsoft Access. The vulnerability is due to an error in the Snapshot Viewer ActiveX...
Apple Webkit HTML Parsing Rowspan Denial of Service - Ver2 (CVE-2007-0342)
A denial-of-service vulnerability has been reported in Apple Mac OS X. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Adobe Reader cooltype.dll Remote Code Execution - Ver2 (CVE-2010-2862)
A code execution vulnerability has been reported in Adobe Reader. The vulnerability is due to the cooltype. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition and execute arbitrary code on the affected system...
Microsoft Excel HFPicture Record Stack Overflow (MS10-038) - Ver2 (CVE-2010-1248)
Microsoft Excel is a popular spreadsheet application. A stack overflow vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this flaw by...
Microsoft DirectShow QuickTime Movie Parser Filter Code Execution - Ver2 (CVE-2009-1537)
Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. The vulnerability is due to the way Microsof...
Internet Explorer JavaScript window() Memory Corruption (MS05-054) - Ver2 (CVE-2005-1790)
Microsoft Internet Explorer is a web browser capable of displaying HTML encoded pages, downloading files, etc. This application has a built-in JavaScript interpreter. It is also capable of using Document Object Model DOM objects, in particular by providing access to them through JavaScript. A...
Apple Safari for Windows URL Address Spoofing - Ver2 (CVE-2008-1999)
An address spoofing vulnerability has been reported in Apple Safari. Successful exploitation of this vulnerability would allow a remote attacker to spoof the contents of the address of bar on te victims web browser...
Compface File long declaration Buffer Overflow - Ver2 (CVE-2009-2286)
A buffer overflow vulnerability has been reported in James Ashton Compface. An attacker could exploit this vulnerability by using a long declaration in a .xbm file. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected...
ActiveCampaign 1-2-All Broadcast Email sername Parameter SQL Injection - Ver2 (CVE-2005-3679)
An SQL injection vulnerability has been reported in Activecampaign 1-2-all Broadcast Email. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)
A memory corruption vulnerability has been reported in Apple's QuickTime. The vulnerability is due to lack of boundary checks while processing the JPEG atoms embedded in the STSD atom in QuickTime movie files. Successful exploitation of this vulnerability could allow a remote attacker to execute...
Mozilla Firefox InstallTrigger.install Method Denial of Service - Ver2 (CVE-2006-1790)
A denial-of-service vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows MSDTC Denial of Service - Ver2 (CVE-2006-1184)
A denial-of-service vulnerability has been reported in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Outlook MIME Email Message Parsing Remote Code Execution - Ver2 (CVE-2013-3870)
A code execution vulnerability has been reported in Microsoft Outlook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow - Ver2 (CVE-2010-0188)
A buffer overflow vulnerability has been reported in the way Adobe Acrobat. The vulnerability is due to a boundary checks error while parsing crafted PDF documents. A remote attacker could exploit this vulnerability by enticing target users to open a malicious PDF document in a vulnerable version...
GDI WMF File Rendering Code Execution - Ver2 (CVE-2005-2124)
A code execution vulnerability has been reported in Microsoft GDI. An attacker could exploit this vulnerability via a crafted Windows Metafile WMF format image. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Squery libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1610)
A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
OpenSwan and StrongSwan DPD Packet Remote Denial of Service - Ver2 (CVE-2009-0790)
A denial-of-service vulnerability has been reported in OpenswanOpenswan Openswan. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Mozilla Firefox CSS letter-spacing Heap Overflow - Ver2 (CVE-2006-1730)
A buffer overflow vulnerability has been reported in Mozilla Firefox. The vulnerability is due to an integer overflow leading to an insufficient buffer allocation while rendering the CSS spacing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
Internet Explorer EMF File Rendering Denial of Service - Ver2 (CVE-2005-0803)
A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. An attacker could exploit this vulnerability via a crafted Enhanced Metafile EMF file that causes invalid end, emreof, or palent offsets to be used. Successful exploitation of this vulnerability would allow a remo...
Multiple Antivirus Products RAR Parser MZ Character Sequence Security Bypass - Ver2 (CVE-2012-1443)
A security bypass vulnerability has been reported in multiple antivirus products. An attacker could exploit this vulnerability via a RAR file with an initial MZ character sequence. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on...
Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)
The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...
Microsoft Windows Trojan Client Remote Code Execution - Ver2 (CVE-1999-0660)
A code execution vulnerability has been reported in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle Outside In OS2 Metafile Parser Stack Buffer Overflow - Ver2 (CVE-2013-5763)
A code execution vulnerability has been reported in Oracle Outside In. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Office PNG File Parsing Buffer Overflow - - Ver2 (CVE-2013-1331)
A buffer overflow vulnerability has been reported in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple Iphone OS Springboard Application Malformed Character Denial of Service - Ver2 (CVE-2010-1226)
A denial-of-service vulnerability has been reported in Apple Iphone OS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Apache Win32 DOS Batch File Arbitrary Command Execution - Ver2 (CVE-2002-0061)
A command execution vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Adobe Multiple Products PDF JavaScript Method Buffer Overflow - Ver2 (CVE-2007-5659)
A buffer overflow vulnerability has been reported in multiple Adobe products. The vulnerability is due to insufficient input validation in certain JavaScript methods. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or...
Microsoft Office RTF File listid Use-After-Free - Ver2 (CVE-2012-2528)
A use-after-free vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a memory handling error while parsing specially crafted RTF Rich Text Format files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
Novell ZENworks Asset Management File Upload Directory Traversal - Ver2 (CVE-2010-4229)
The vulnerability is triggered when the application processes specially crafted POST request. . A directory traversal vulnerability has been reported in Novell ZENworks Configuration Management. This is a directory traversal vulnerability in Novell ZENworks Configuration Management. The...
WebShag Security Scanner
WebShag is a vulnerability scanning product. Remote attackers can use WebShag to detect vulnerabilities on a target server...
Ruby on Rails JSON Processor YAML Deserialization Code Execution - Ver2 (CVE-2013-0333)
A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...
Lotus Notes RIM connector for Blackberry Desktop Manager ActiveX Denial of Service - Ver2 (CVE-2009-3038)
A denial-of-service vulnerability has been reported in Ibm Lotus Notes Connector. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Windows ANI file Denial of Service - Ver2 (CVE-2007-1765)
A denial-of-service vulnerability has been reported in Microsoft Windows. An attacker could exploit this vulnerability via a malformed ANI file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
AWStats rawlog Plugin File Information Disclosure - Ver2 (CVE-2005-0435)
An information disclosure vulnerability has been reported in Awstats. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information...
EasyMail Object EMSMTP.DLL ActiveX Control Buffer Overflow - Ver2 (CVE-2007-4607)
A buffer overflow vulnerability has been reported in Quiksoft EasyMail. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Paint JPEG Image Parsing Integer Overflow - Ver2 (CVE-2010-0028)
An integer overflow vulnerability has been reported in Microsoft Paint. The vulnerability is due to an integer overflow error when Microsoft Paint fails to properly decode a malformed JPEG image file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary...
Oracle Java and JavaFX JPEGImageReader Memory Corruption - Ver2 (CVE-2013-2430)
A memory corruption vulnerability has been reported in Oracle Java and JavaFX. The vulnerability is due to improper safeguards against object manipulation. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation o...
Novell Groupwise 8.02 Addressbook Memory Corruption - Ver2 (CVE-2011-4189)
A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...
Microsoft Office Excel SxView Record Memory Corruption - Ver2 (CVE-2009-3128)
A memory corruption vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to execute...
Microsoft Word RTF Control Word Handling Integer Overflow (MS08-072) - Ver2 (CVE-2008-4025)
Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...
IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)
A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Adobe Reader and Acrobat TTF MINDEX Code Execution (APSB12-08) - Ver2 (CVE-2012-0774)
A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow - Ver2 (CVE-2013-5447)
A buffer overflow vulnerability has been reported in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
PHPenpals profile.php personalID Parameter SQL Injection - Ver2 (CVE-2006-0074)
An SQL injection vulnerability has been reported in Jevontech Phpenpals. An attacker could exploit this vulnerability via the personalID parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Wim Fleischhauer Docpile URL in INIT_PATH Parameter PHP Code Execution - Ver2 (CVE-2006-4075)
A code execution vulnerability has been reported in Wim Fleischhauer Docpile. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Veritas Backup Exec Server Remote Registry Access Code Execution - Ver2 (CVE-2005-0771)
A code execution vulnerability has been reported in Veritas Backup Exec Server. Successful exploitation of this vulnerability could allow a remote attacker to modify the registry and execute arbitrary methods via RPC on the affected system...
Microsoft Windows Kernel Input Validation Remote Code Execution - Ver2 (CVE-2009-0081)
A code execution vulnerability has been reported in The Windows kernel. The vulnerability is due to an error in the Windows kernel that fails to properly validate input passed from user mode through the kernel component of GDI. Successful exploitation of this vulnerability could allow a remote...