13538 matches found
SCADA DaqFactory HMI NETB Request Overflow (CVE-2011-3492)
Stack-based buffer overflow has been reported in Azeotech DAQFactory. The vulnerability is due to insufficient validation of incoming NETB requests to UDP port 20034. A remote attacker could exploit this vulnerability by sending a malicious request to the affected service. Successful exploitation...
PHP php_register_variable_ex Function Code Execution - Improved performance (CVE-2012-0830)
A memory corruption vulnerability has been reported in PHP. The vulnerability is due to improper handling of an error condition. A remote attacker could exploit this vulnerability by sending a malicious request to the target service. Successful exploitation would allow an attacker to inject and...
VMware OVF Tool Format String Vulnerability (CVE-2012-3569)
A format string vulnerability has been reported in VMware OVF Tool...
Mozilla Firefox Thunderbird SeaMonkey nsSVGValue Memory Corruption (CVE-2011-3658)
A memory corruption vulnerability exists in Firefox 7.0 and 8.0, Thunderbird 8.0 and SeaMonkey 2.5. The vulnerability is due to unchecked iteration that could cause an out of bounds access to attacker controlled memory. A sucesseful exploitation could lead to malicious code running in the context...
Symantec Messaging Gateway Save.do Cross Site Request Forgery - Improved Performance (CVE-2012-0308)
A cross-site request forgery CSRF vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to errors while validating user input. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation would allow...
Adobe Flash Player ActionScript Heap Overflow (APSB13-09; CVE-2013-0646)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an improper buffer allocation while handling specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Apache HTTP Server mod_rpaf x-forwarded-for Denial of Service - Improved Confidence (CVE-2012-3526)
A denial of service vulnerability has been reported in Apache's HTTP Server. The vulnerability is caused due to an error while processing certain http headers. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to a target. Successful exploitation will lea...
Digium Asterisk SIP Channel Driver Denial Of Service - High Confidence (CVE-2011-4063)
A denial of service vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in Asterisk's SIP channel driver while handling malformed REGISTER requests. A remote attacker may exploit this vulnerability by sending a specially crafted REGISTER request to an affected...
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax server...
VideoLAN VLC Media Player PNG Code Execution - Improved Performance (CVE-2012-5470)
A code execution vulnerability has been reported in VLC Media Player. The vulnerability is due to an input validation error when handling certain PNG files. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PNG file with a vulnerable version of VLC...
DNS ANY Request
Blocking DNS ANY requests. Such requests return all the DNS records that exist on the DNS server for the specific query...
IBM Java Multiple Packages Sandbox Breach (CVE-2012-4822)
A sandbox breach vulnerability has been reported in IBM Java. The vulnerability is due to insecure use of certain methods in java.lang.class by IBM Java packages. An unauthenticated remote attacker can exploit this vulnerability by enticing the target user to open a crafted web page. Successful...
Internet Explorer saveHistory Use After Free Code Execution (MS13-021; CVE-2013-0088)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Internet Explorer CCaret Use After Free Code Execution (MS13-021; CVE-2013-0090)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft SMB Response Parsing Memory Corruption (MS10-020; CVE-2010-0476) - High Confidence
A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block SMB client implementation...
Internet Explorer GetMarkupPtr Use After Free Code Execution (MS13-021; CVE-2013-0092)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Internet Explorer CMarkupBehaviorContext use after free (MS13-021; CVE-2013-0089)
A vulnerability exists when Internet Explorer attempts to access an object that has been deleted. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Remote code execution vulnerabilities exist in the way that Internet Explorer accesse...
Internet Explorer CElement Use After Free Code Execution (MS13-021; CVE-2013-0091)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft SharePoint Web Analytics Cross-Site Scripting (MS13-024; CVE-2013-0083)
An elevation of privilege vulnerability exists in Microsoft SharePoint Server. An attacker who successfully exploited this vulnerability could potentially issue SharePoint commands in the context of an administrative user on the site. The vulnerability is caused when Microsoft SharePoint Server...
Internet Explorer removeChild Use After Free Code Execution (MS13-021; CVE-2013-0094)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft SharePoint Reflected List Parameter Cross-site Scripting (SA49875; CVE-2012-1863)
A cross-site scripting vulnerability has been discovered in Microsoft SharePoint. The vulnerability is due to insufficient sanitization of the List parameter. A remote attacker could trigger this flaw by enticing a user to follow a URL containing script code in the List parameter...
Microsoft Visio Viewer Tree Object Type Confusion Code Execution (MS13-023; CVE-2013-0079)
A remote code execution vulnerability has been reported in Microsoft Visio Viewer.The vulnerability is due to an error in the way Visio Viewer handles memory when parsing specially crafted Visio files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially...
Microsoft SharePoint Directory Traversal (MS13-024; CVE-2013-0084)
An elevation of privilege exists in Microsoft SharePoint Server. The vulnerability is due to an error in the way Microsoft SharePoint handles specially crafted URLs. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web page. An attacker who successful...
Microsoft Windows Assembly Execution (MS12-005) - High Confidence (CVE-2012-0013)
A remote code execution vulnerability has been reported in Microsoft Windows Packager. The vulnerability is caused due to ClickOnce application file types not being included in the Windows Packager unsafe file type list. A remote attacker may exploit this issue by enticing a target user to open a...
Microsoft Windows NFS Server NULL Pointer Dereference (MS13-014; CVE-2013-1281)
A NULL pointer dereference vulnerability exists in Microsoft Windows' NFS server implementation. The vulnerability is due to incorrect handling of a non-permitted operation. A remote attacker could trigger this flaw by mounting an NFS share that is exported as read-only and then issue a RENAME...
Internet Explorer CTreeNode Use After Free Remote Code Execution (MS13-021; CVE-2013-1288)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Office OneNote Parsing Memory Information Disclosure (MS13-025; CVE-2013-0086)
An information disclosure vulnerability exists in the way that Microsoft OneNote allocates memory from parsing a specially crafted OneNote .ONE file...
EMC AlphaStor Device Manager Format String (CVE-2013-0929)
A denial of service or executing arbitrary commands has been reported in EMC AlphaStor Device. The vulnerability is caused by insufficient sanitization when processing certain requests. A remote attacker could trigger this flaw by processing certain requests...
Amlibweb NetOpacs webquery.dll Stack Buffer Overflow
A stack based buffer overflow vulnerability has been reported in Amlib NetOPAC. The vulnerability is due to a failure to perform adequate boundary check on user supplied input. A remote attacker can exploit this vulnerability by sending a specially crafted request to the server...
Oracle Java Runtime CMM Code Execution (CVE-2013-1493)
A stack buffer overflow vulnerability has been reported in Oracle Java Runtime. The vulnerability is due to insufficient validation of the 'count' property of the 'curveType' object in the CMM module of the Oracle JVM. A remote attacker can exploit this vulnerability by enticing a target user to...
Internet Explorer CCommand Use After Free (MS13-021; CVE-2013-0093)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Internet Explorer OnResize Use After Free Remote Code Execution (MS13-021; CVE-2013-0087)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Symantec Gateway Products DNS Cache Poisoning - High Confidence (CVE-2005-0817)
The Symantec Firewall has a DNS proxy service, DNSD.exe, that acts as a proxy and cache server for the DNS requests generated by internal systems...
Microsoft SharePoint Callback Function Elevation of Privilege (MS13-024; CVE-2013-0080)
An information disclosure and elevation of privilege vulnerability has been reported in Microsoft SharePoint. The vulnerability is due to an error in the way Microsoft SharePoint handles specially crafted URLs containing malicious JavaScript elements. A remote attacker may exploit this issue by...
Sophos Anti-Virus RAR VMSF_DELTA Filter Signedness Error
A signedness error vulnerability exists in Sophos Anti-Virus. The vulnerability is due to insufficient validation of one of the parameters of the VMSFDELTA filter while parsing RAR files. A remote attacker could exploit this vulnerability by causing Sophos Anti-Virus to process a specially crafte...
Novell eDirectory NCP Stack Buffer Overflow (CVE-2012-0432)
A stack buffer overflow exists in Novell eDirectory NetWare Core Protocol NCP stack. The vulnerability is due to lack of bounds checking in the KeyedObjectLogin function. A remote attacker could exploit this vulnerability by sending TCP packets with malicious data...
Oracle Java JMX findClass and elementFromComplex Sandbox Breach (CVE-2013-0431)
A code execution vulnerability has been reported in Oracle Java's Java Management Extension JMX library. The vulnerability is due to insecure use of certain JMX classes. An unauthenticated remote attacker can exploit this vulnerability by enticing the target user to open a crafted web page...
Microsoft .NET Framework WinForms Buffer Overflow (CVE-2013-0002)
A buffer overflow vulnerability exists in Microsoft .NET Framework Windows Form. The vulnerability is due to a race condition when handling the size of an array of objects prior to copying them into a global memory buffer.An attacker can remotely exploit this vulnerability by enticing a user to...
SAP NetWeaver AdIExecBlkConv Message Server Buffer Overflow (CVE-2013-1593)
A code execution vulnerability exists in SAP NetWeaver Message Server. The vulnerability is due to a buffer overflow in the function AdIExecBlkConv while handling a request message. A remote attacker could trigger this flaw by sending a specially crafted message to a vulnerable server...
Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow (CVE-2013-0003)
A buffer overflow exists in the System.DirectoryServices.Protocols S.DS.P namespace method in the .NET framework. The vulnerability is due to an error in the validation of the size of objects in memory prior to copying them into an array.An attacker can remotely exploit this vulnerability by...
Novell GroupWise HTTP Interfaces Arbitrary File Retrieval (CVE-2012-0419)
A directory traversal vulnerability has been reported in the HTTP interfaces of Novell GroupWise Post Office Agent, Message, Transfer Agent and Internet Agent. The vulnerability is due to a failure to sanitize the request URI for directory traversal characters. A remote unauthenticated attacker c...
Adobe Flash Player Malformed SWF File Information Disclosure (APSB13-05; CVE-2013-0637)
An information disclosure vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error while handling specially crafted SWF files. A remote attacker could exploit this vulnerability by enticing a user to open an HTML document containing an embedded malformed Flash...
Novell NetIQ Privileged User Manager modifyAccounts Policy Bypass
A policy bypass vulnerability has been reported in Novell NetIQ Privileged User Manager. The vulnerability is due to an access control weakness when handling a modifyAccounts request. A remote, unauthenticated attacker could exploit this flaw by sending a malicious request to a vulnerable server...
Oracle Outside In Paradox Database Stream Filter Denial of Service (CVE-2013-0393)
A denial of service vulnerability has been reported in Oracle Outside In, a set of libraries used to decode many file formats. The vulnerability is due to an error while processing Paradox databases that contain a malicious entry in a field description array. A remote attacker could trigger this...
Adobe InDesign Server SOAP Request Lack of Authentication
Access control weakness vulnerability exists in Adobe InDesign Server.The vulnerability is due to a failure to restrict access to the SOAP interface.Successful exploitation could result in execution of arbitrary script code in the context of the service...
Portable SDK for UPnP Devices libupnp Device Service Name Stack Buffer Overflow (CVE-2012-5958)
A stack buffer overflow vulnerability exists in Intel SDK for UPnP and Portable SDK for UPnP. The vulnerability is due to a boundary error while parsing uuid:schemas:device service name strings in the uniqueservicename function called from SSDP protocol parser.Remote unauthenticated attackers can...
RealNetworks RealPlayer URL Parsing Stack Buffer Overflow (CVE-2012-5691)
A stack buffer overflow vulnerability exists in RealNetworks RealPlayer. Successful exploitation can result in arbitrary code execution in the context of the currently logged in user...
Adobe Flash Player malformed FLV file Flash memory corruption vulnerability (APSB13-05; CVE-2013-0638)
A memory corruption vulneriability has been reprted in Adobe Flash Player. the vulnerability is due to an error while handling specially crafted FLV files. A remote attacker could exploit this vulnerability by enticing a user to open an HTML document containing an embedded malformed FLV file with...
Apple iTunes m3u Playlist Multiple Buffer Overflows - High Confidence (CVE-2012-0677)
Multiple buffer overflow vulnerabilities have been reported in Apple iTunes. The vulnerabilities are due to a bounds checking error in iTunes while handling specially crafted .m3u files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .m3u file with ...
Adobe Flashplayer Malicious SWF Use After Free Code Execution (CVE-2013-0648)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is caused due to an improper use of Flash player internal pointers after they have been freed. A remote attacker can exploit this issue by enticing a target user to open a web-page that contains a...