4300 matches found
HP Operations Agent Opcode 0x34 vulnerability
Added: 08/06/2012 CVE: CVE-2012-2019 BID: 54362 OSVDB: 83673 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...
Internet Explorer COL SPAN Heap Overflow
Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize JavaScript to create dynamic web content. As such, websites can include...
Apache Struts 2 ConversionErrorInterceptor Java Injection
Added: 08/02/2012 CVE: CVE-2012-0391 OSVDB: 78277 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller (MVC) architecture. Problem Struts uses...
Citrix Provisioning Services streamprocess.exe 0x40020000 Opcode Integer Underflow
Added: 07/30/2012 BID: 49803 OSVDB: 75780 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Services up to and including version 5.6 Service Pack 1 are...
Apple QuickTime SetLanguage Overflow
Added: 07/25/2012 CVE: CVE-2012-0666 BID: 53577 OSVDB: 81937 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...
HP Data Protector Express Opcode 0x320 Overflow
Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...
Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion
Added: 07/23/2012 CVE: CVE-2012-1723 BID: 53960 OSVDB: 82877 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Oracle AutoVue SetMarkupMode ActiveX Overflow
Added: 07/17/2012 CVE: CVE-2012-0549 BID: 53077 OSVDB: 81439 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring...
Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling
Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...
Apple QuickTime TeXML Style Element Parsing Buffer Overflow
Added: 07/09/2012 CVE: CVE-2012-0663 BID: 53571 OSVDB: 81934 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to buffer overflow when parsing XML elements within a TeXML file. The QuickTime3GPP.qtx QuickTime...
F5 BIG-IP SSH private key
Added: 07/03/2012 CVE: CVE-2012-1493 BID: 53897 OSVDB: 82780 Background SSH private keys are used for authentication for many F5 BIG-IP devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker t...
iTunes m3u Playlist Overflow
Added: 07/03/2012 CVE: CVE-2012-0677 BID: 53933 OSVDB: 82897 Background iTunes is a free media player for multiple platforms. Problem iTunes does not properly validate parameters for EXTINF: directives in m3u files. This results in an exploitable stack overflow. Resolution Upgrade to iTunes 10.6....
Adobe Flash Player Object Confusion Code Execution
Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...
HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow
Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...
Microsoft XML Core Services memory corruption
Added: 06/27/2012 CVE: CVE-2012-1889 BID: 53934 OSVDB: 82873 Background Microsoft XML Core Services allows developers to create XML-based applications. Problem A memory corruption vulnerability allows command execution when a user opens a specially crafted web page, which causes MSXML to access a...