4300 matches found
Apache Struts2 XWork ParameterInterceptor security bypass
Added: 08/05/2010 CVE: CVE-2010-1870 BID: 41592 OSVDB: 66280 Background Apache Struts is a Java web application framework. Apache Struts version 2 is based on WebWork 2. WebWork 2 uses XWork to invoke actions based on HTTP parameter names. The ParameterInterceptor component of XWork runs the...
Apple QuickTime Streaming Debug Error Logging Buffer Overflow
Added: 08/05/2010 BID: 41962 OSVDB: 66636 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime is vulnerable to a stack buffer overflow in QuickTimeStreaming.qtx when processing specially crafted SMIL files. The crafted SMIL files contain an invalid and...
Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow
Added: 08/03/2010 CVE: CVE-2010-2777 BID: 41704 OSVDB: 66623 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability exists within the IMAP component of the Novell GroupWise Internet Agent service and is due to a boundary error while...
Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow
Added: 08/03/2010 CVE: CVE-2010-2777 BID: 41704 OSVDB: 66623 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability exists within the IMAP component of the Novell GroupWise Internet Agent service and is due to a boundary error while...
Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow
Added: 08/03/2010 CVE: CVE-2010-2777 BID: 41704 OSVDB: 66623 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability exists within the IMAP component of the Novell GroupWise Internet Agent service and is due to a boundary error while...
Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow
Added: 08/03/2010 CVE: CVE-2010-2777 BID: 41704 OSVDB: 66623 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability exists within the IMAP component of the Novell GroupWise Internet Agent service and is due to a boundary error while...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Automatic Drive-by Download
Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...
Automatic Drive-by Download
Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...
Automatic Drive-by Download
Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...
Automatic Drive-by Download
Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow
Added: 07/22/2010 CVE: CVE-2010-0822 BID: 40520 OSVDB: 65236 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a buffer overflow when processing malformed OBJ recType...
Windows Shell LNK file CONTROL item command execution
Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...
Windows Shell LNK file CONTROL item command execution
Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...
Windows Shell LNK file CONTROL item command execution
Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow
Added: 07/22/2010 CVE: CVE-2010-0822 BID: 40520 OSVDB: 65236 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a buffer overflow when processing malformed OBJ recType...
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow
Added: 07/22/2010 CVE: CVE-2010-0822 BID: 40520 OSVDB: 65236 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a buffer overflow when processing malformed OBJ recType...
Windows Shell LNK file CONTROL item command execution
Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow
Added: 07/22/2010 CVE: CVE-2010-0822 BID: 40520 OSVDB: 65236 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a buffer overflow when processing malformed OBJ recType...
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability
Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...
Viscom Software Movie Player Pro ActiveX Control DrawText Buffer Overflow
Added: 07/16/2010 CVE: CVE-2010-0356 BID: 40719 OSVDB: 61634 Background Viscom Movie Player Pro SDK ActiveX is a software development kit for Microsoft Windows environments to incorporate an advanced media player with overlay text and images. Problem The MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX...
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability
Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability
Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...
Viscom Software Movie Player Pro ActiveX Control DrawText Buffer Overflow
Added: 07/16/2010 CVE: CVE-2010-0356 BID: 40719 OSVDB: 61634 Background Viscom Movie Player Pro SDK ActiveX is a software development kit for Microsoft Windows environments to incorporate an advanced media player with overlay text and images. Problem The MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX...
Viscom Software Movie Player Pro ActiveX Control DrawText Buffer Overflow
Added: 07/16/2010 CVE: CVE-2010-0356 BID: 40719 OSVDB: 61634 Background Viscom Movie Player Pro SDK ActiveX is a software development kit for Microsoft Windows environments to incorporate an advanced media player with overlay text and images. Problem The MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX...
Viscom Software Movie Player Pro ActiveX Control DrawText Buffer Overflow
Added: 07/16/2010 CVE: CVE-2010-0356 BID: 40719 OSVDB: 61634 Background Viscom Movie Player Pro SDK ActiveX is a software development kit for Microsoft Windows environments to incorporate an advanced media player with overlay text and images. Problem The MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX...
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability
Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...
Novell iManager EnteredClassName buffer overflow
Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...
Novell iManager EnteredClassName buffer overflow
Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...
Novell iManager EnteredClassName buffer overflow
Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...
Novell iManager EnteredClassName buffer overflow
Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...
Microsoft Excel DBQueryExt record parsing vulnerability
Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...
Microsoft Excel DBQueryExt record parsing vulnerability
Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...
Microsoft Excel DBQueryExt record parsing vulnerability
Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...
Microsoft Excel DBQueryExt record parsing vulnerability
Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...
HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow
Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow
Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow
Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow
Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...
TweakFS Zip Utility for FSX filename buffer overflow
Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...
TweakFS Zip Utility for FSX filename buffer overflow
Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...
TweakFS Zip Utility for FSX filename buffer overflow
Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...
TweakFS Zip Utility for FSX filename buffer overflow
Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...
HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe
Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe
Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe
Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...
HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe
Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...