13538 matches found
VERITAS NetBackup vmd Shared Library Buffer Overflow - ver 2 (CVE-2005-3116)
The Symantec VERITAS NetBackup Server product suite is an enterprise backup system solution available for various platforms. It is capable of performing scheduled automatic backups as well as manual backups invoked by a client. A minimal backup environment consists of backup clients and a master...
Microsoft Office 2013 Token Hijacking Information Disclosure (MS13-104; CVE-2013-5054)
An information disclosure vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office handles specially crafted responses. A remote attacker can exploit this issue by enticing a victim to open an Office file hosted on a malicious website...
NTP Servers Monlist Command Denial of Service (CVE-2013-5211)
There exists a design flaw in NTP servers that can allow attackers to perform DoS attacks against target machines. A remote attacker can leverage this flaw by sending a specially crafted request to an affected NTP server...
Suspicious JavaScript Encoding
Certain evasion tools can obfuscate JavaScript code in order to circumvent security software. Successful exploitation could allow attackers to execute arbitrary code on the target...
JavaScript Payload Encoding
Certain JavaScript obfuscation schemes can be used to circumvent security software. These methods could allow attackers to execute arbitrary code on a target machine...
Adobe Flash Player Type Confusion Arbitrary Code Execution (APSB13-28; CVE-2013-5331)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file. Successful exploitation...
RealNetworks RealPlayer RMP File Heap Buffer Overflow (CVE-2013-6877)
A heap buffer overflow exists in RealNetworks RealPlayer. The vulnerability is due an error when handling RMP files, overly long values for certain tags can result in a heap buffer overflow. A remote unauthenticated attacker could exploit this vulnerability by enticing a user to open a crafted RM...
Zimbra Collaboration Server Local File Inclusion (CVE-2013-7091)
A local file include vulnerability has been reported in Zimbra Collaboration Server. The vulnerability is due to insufficient validation of user-supplied input. A remote attacker can exploit this vulnerability to retrieve sensitive information like LDAP root credentials...
Flashchat aedating4CMS.php dirinc Parameter PHP Code Execution - Ver2 (CVE-2006-4583)
A code execution vulnerability has been reported in FlashChat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Firefox Event Handler Privilege Escalation - Ver2 (CVE-2007-3737)
A privilege escalation vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Firefox New Function Garbage Collection Code Execution - Ver2 (CVE-2006-3803)
A code execution vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. Successful exploitation of this...
PHP POST File Upload PHP GLOBALS Variable Overwrite Security Bypass - Ver2 (CVE-2005-3390)
A security bypass vulnerability has been reported in PHP. A remote attacker could exploit this vulnerability via a multipart/form-data POST request with a "GLOBALS" fileupload field. Successful exploitation of this vulnerability could allow a remote attacker to bypass security protections of PHP...
WMNews index.php base_datapath Parameter PHP Code Execution - Ver2 (CVE-2006-3928)
A code execution vulnerability has been reported in WMNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ultimate PHP Board User-Agent HTTP Header Code Execution - Ver2 (CVE-2003-0395)
A code execution vulnerability has been reported in Ultimate PHP Board. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple Safari Webkit Floating Point Data Type Code Execution - Ver2 (CVE-2010-1807)
Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A...
VEGO Web Forum login.php username Parameter SQL Injection - Ver2 (CVE-2006-0067)
An SQL injection vulnerability has been reported in VEGO Links Builder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Internet Explorer Keystroke Hijack Information Disclosure - Ver2 (CVE-2006-2900)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
PHP POST File Upload Buffer Overflow - Ver2 (CVE-2002-0081)
A buffer overflow vulnerability has been reported in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WebBBS webbbs_config.pl followup Parameter Command Execution - Ver2 (CVE-2002-1993)
A command execution vulnerability has been reported in WebBBS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Solaris rwalld Format String - Ver2 (CVE-2002-0573)
A format string vulnerability has been reported in Sun Solaris. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FreeBSD Remote NFS RPC Request Denial of Service - Ver2 (CVE-2006-0900)
A denial of service vulnerability was detected in FreeBSD. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Orbit Downloader Long URL Stack Buffer Overflow - Ver2 (CVE-2009-0187)
Orbit Downloader, developed by Orbit Downloader Team, is a graphical download manager for Microsoft Windows operating system. Orbit Downloader works with all major browsers like Opera, Mozilla Firefox, Microsoft Internet Explorer, Maxthon, and Netscape. A buffer overflow vulnerability exists in...
PhpSecurePages secure.php cfgProgDir Parameter PHP Code Execution - Ver2 (CVE-2001-1468)
A code execution vulnerability has been reported in phpSecurePages. A remote attacker could trigger this vulnerability by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code. Successful exploitation of this vulnerability could allow a remote attacke...
ME Download System header.php Parameter PHP Code Execution - Ver2 (CVE-2006-4053)
A code execution vulnerability has been reported in ME Download System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ultimate Fun Book function.php gbpfad Parameter PHP Code Execution - Ver2 (CVE-2007-1059)
A code execution vulnerability has been reported in Ultimate Fun Book. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Bit 5 Blog processlogin.php username Parameter SQL Injection - Ver2 (CVE-2006-0320)
An SQL injection vulnerability has been reported in Bit 5 Blog. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Apple Safari parent.close Code Execution - Ver2 (CVE-2010-1939)
Safari is a web browsing application developed by Apple. A remote code execution vulnerability has been discovered in Apple Safari. The vulnerability is due to an error in Apple Safari while handling the termination and subsequent referencing between child and parent windows. To trigger this issu...
Microsoft Internet Explorer HTML Dynamic Page Reloading Memory Corruption - Ver2 (CVE-2007-0946)
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could trigger this vulnerability by enticing a vulnerable target to access a specially crafted HTML document. Successful exploitation of this vulnerability could allow a remote attacker to execut...
AnnoncesV annonce.php page Parameter PHP Code Execution - Ver2 (CVE-2006-4622)
A code execution vulnerability has been reported in AnnonceV. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mac OS X Safari x-man-page URI Terminal Escape Command Execution - Ver2 (CVE-2005-1342)
A command execution vulnerability has been reported in Apple Mac OS X. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Oracle 9i HTTP Server Web Administration Access Privilege Escalation - Ver2 (CVE-2002-0561)
A privilege escalation vulnerability has been reported in Oracle 9i Application Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
Microsoft Indexing Service ActiveX Memory Corruption (MS09-057) - Ver2 (CVE-2009-2507)
The Microsoft Windows Indexing Service is a base service that extracts content from files and constructs an indexed catalog to facilitate efficient and rapid searching. A remote code execution vulnerability has been reported in the Microsoft Indexing Service. The vulnerability is caused by an...
Mozilla Firefox CSS Border Width Memory Corruption - Ver2 (CVE-2006-1739)
A memory corruption vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla Seamonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft IIS ASP Handling Code Execution (MS08-006) - Ver2 (CVE-2008-0075)
Microsoft Internet Information Services IIS is a multi-featured server product that ships with all versions of Microsoft. The product provides FTP, SMTP, NNTP and HTTP services. The HTTP component, known as the WWW Publishing Service, allows for the serving of dynamic content, notably in the form...
Mozilla Firefox Style Engine Position Change Memory Corruption - Ver2 (CVE-2006-0294)
A memory corruption vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by changing an element's style from position:relative to position:static which causes Gecko to operate on freed memory. Successful exploitation of this vulnerability could...
Sabdrimer advanced1.php pluginpath0 Parameter CMS PHP Code Execution - Ver2 (CVE-2006-3520)
A code execution vulnerability has been reported in Sabdrimer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Firefox Javascript XBL Compilation Code Execution - Ver2 (CVE-2006-1733)
A code execution vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHPjournaler index.php readold Parameter SQL Injection - Ver2 (CVE-2006-0066)
An SQL injection vulnerability has been reported in PHPjournaler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
OPENi-CMS Plugin index.php oi_dir Parameter PHP Code Execution - Ver2 (CVE-2007-0881)
A code execution vulnerability has been reported inSeitenschutz plugin for OPENi-CMS 1.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHPLiveHelper global.php abs_path Parameter PHP Code Execution - Ver2 (CVE-2006-4051)
A code execution vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
SaveWebPortal SITE_Path Parameter PHP Code Execution - Ver2 (CVE-2005-2687)
A code execution vulnerability has been reported in SaveWebPortal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Novell Client nwspool.dll EnumPrinters Function Stack Buffer Overflow - Ver2 (CVE-2008-0639)
There exists a buffer overflow vulnerability in the way Novel Client for Windows handles RPC requests. The vulnerability is due to lack of boundary protection while processing RPC requests. A remote unauthenticated attacker may exploit this vulnerability to cause a denial of service condition or...
InTouch index.php user Parameter SQL Injection - Ver2 (CVE-2006-0088)
An SQL injection vulnerability has been reported in inTouch. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Internet Explorer Null Byte Information Disclosure (MS12-010) - Ver2 (CVE-2012-0012)
An information disclosure vulnerability has been reported in Internet Explorer. The vulnerability occurs during certain processes, in which Internet Explorer incorrectly allows attackers to view content from the process memory. A remote attacker may exploit this issue by enticing target users to...
phpMYAdmin goto Parameter PHP Code Execution - Ver2 (CVE-2001-0478)
A code execution vulnerability has been reported in phpMYAdmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Products Graphics and XML Features Integer Overflows - Ver2 (CVE-2006-0297)
An integer overflow vulnerability has been reported in multiple versions of Mozilla products. The vulnerability is due to improper validation of XML property values when parsing images in SVG format. A remote attacker may leverage the vulnerability by enticing the victim to visit a malicious web...
PollMentor pollmentorres.asp id Parameter SQL Injection - Ver2 (CVE-2007-0984)
An SQL injection vulnerability has been reported in PollMentor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Benders Calendar index.php this_day Parameter SQL Injection - Ver2 (CVE-2006-0252)
An SQL injection vulnerability has been reported in Benders Calendar. A remote attacker could trigger this vulnerability via the year, month and day parameters. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
FlashGameScript index.php func Parameter PHP Code Execution - Ver2 (CVE-2007-1078)
A code execution vulnerability has been reported in FlashGameScript. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow - Ver2 (CVE-2002-0965)
A buffer overflow vulnerability has been reported in TNS Listener for Oracle 9i Database Server on Windows systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...