4300 matches found
BigAnt Messenger Server DUPF Arbitrary File Upload
Added: 04/01/2013 CVE: CVE-2012-6274 BID: 57214 OSVDB: 89342 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server 2.97 and earlier does not require authentication for file uploading, and does not...
Sami FTP Server LIST command buffer overflow
Added: 04/01/2013 BID: 58247 OSVDB: 90815 Background Sami FTP Server is an FTP server for Windows. Problem Sami FTP Server is affected by a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a long, specially crafted LIST command to the server, resulting ...
WellinTech KingView KingMess.exe Log File Parsing Overflow
Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...
WellinTech KingView KingMess.exe Log File Parsing Overflow
Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...
WellinTech KingView KingMess.exe Log File Parsing Overflow
Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...
WellinTech KingView KingMess.exe Log File Parsing Overflow
Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...
SonicWall Multiple Products skipSessionCheck Authentication Bypass
Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...
SonicWall Multiple Products skipSessionCheck Authentication Bypass
Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...
SonicWall Multiple Products skipSessionCheck Authentication Bypass
Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...
SonicWall Multiple Products skipSessionCheck Authentication Bypass
Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...
VMware OVF Tool Format String
Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines , which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...
VMware OVF Tool Format String
Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines, which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...
VMware OVF Tool Format String
Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines, which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...
VMware OVF Tool Format String
Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines , which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...
Cool PDF Reader Image Stream Stack Overflow
Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...
Cool PDF Reader Image Stream Stack Overflow
Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...
Cool PDF Reader Image Stream Stack Overflow
Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...
Cool PDF Reader Image Stream Stack Overflow
Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...
Java MBeanInstantiator findClass and Introspector Sandbox Escape
Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Java MBeanInstantiator findClass and Introspector Sandbox Escape
Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Java MBeanInstantiator findClass and Introspector Sandbox Escape
Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Java MBeanInstantiator findClass and Introspector Sandbox Escape
Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Internet Explorer SLayoutRun CParaElement Node Use After Free
Added: 02/28/2013 CVE: CVE-2013-0025 BID: 57830 OSVDB: 90122 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the...
Internet Explorer SLayoutRun CParaElement Node Use After Free
Added: 02/28/2013 CVE: CVE-2013-0025 BID: 57830 OSVDB: 90122 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the...
Internet Explorer SLayoutRun CParaElement Node Use After Free
Added: 02/28/2013 CVE: CVE-2013-0025 BID: 57830 OSVDB: 90122 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the...
Internet Explorer SLayoutRun CParaElement Node Use After Free
Added: 02/28/2013 CVE: CVE-2013-0025 BID: 57830 OSVDB: 90122 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the...
BigAnt Server SCH and DUPF Stack Overflow
Added: 02/22/2013 CVE: CVE-2012-6275 BID: 57214 OSVDB: 89344 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improp...
BigAnt Server SCH and DUPF Stack Overflow
Added: 02/22/2013 CVE: CVE-2012-6275 BID: 57214 OSVDB: 89344 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improp...
BigAnt Server SCH and DUPF Stack Overflow
Added: 02/22/2013 CVE: CVE-2012-6275 BID: 57214 OSVDB: 89344 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improp...
BigAnt Server SCH and DUPF Stack Overflow
Added: 02/22/2013 CVE: CVE-2012-6275 BID: 57214 OSVDB: 89344 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improp...
Adobe Flash Player SWF Content Regular Expression Heap Overflow
Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...
Adobe Flash Player SWF Content Regular Expression Heap Overflow
Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...
Adobe Flash Player SWF Content Regular Expression Heap Overflow
Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...
Adobe Flash Player SWF Content Regular Expression Heap Overflow
Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...
Novell GroupWise Client ActiveX SetEngine Pointer Manipulation
Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...
Novell GroupWise Client ActiveX SetEngine Pointer Manipulation
Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...
Novell GroupWise Client ActiveX SetEngine Pointer Manipulation
Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...
Novell GroupWise Client ActiveX SetEngine Pointer Manipulation
Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...
Ruby on Rails XML Processor YAML Deserialization
Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...
Ruby on Rails XML Processor YAML Deserialization
Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...
Ruby on Rails XML Processor YAML Deserialization
Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...
Ruby on Rails XML Processor YAML Deserialization
Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...
Schneider Electric Interactive Graphical SCADA System Data Collector Overflow
Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...
Schneider Electric Interactive Graphical SCADA System Data Collector Overflow
Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...
Schneider Electric Interactive Graphical SCADA System Data Collector Overflow
Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...
Schneider Electric Interactive Graphical SCADA System Data Collector Overflow
Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...
Novell eDirectory NCP KeyedObjectLogin Function Vulnerability
Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...
Novell eDirectory NCP KeyedObjectLogin Function Vulnerability
Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...
Novell eDirectory NCP KeyedObjectLogin Function Vulnerability
Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...
Novell eDirectory NCP KeyedObjectLogin Function Vulnerability
Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...