Lucene search
+L

4305 matches found

saint
saint
•added 2009/05/12 12:0 a.m.•27 views

Adobe Reader Javascript API spell.customDictonaryOpen memory corruption

Added: 05/12/2009 CVE: CVE-2009-1493 BID: 34740 OSVDB: 54129 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the...

6.8CVSS6.5AI score0.21826EPSS
Exploits5
saint
saint
•added 2009/05/12 12:0 a.m.•15 views

Oracle Database password weakness

Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...

1.5AI score
Exploits0
saint
saint
•added 2009/05/12 12:0 a.m.•8 views

Oracle Database password weakness

Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...

7.9AI score
Exploits0
saint
saint
•added 2009/05/11 12:0 a.m.•16 views

MySQL password weakness

Added: 05/11/2009 Background MySQL is an open-source database software package available for multiple platforms. Problem A MySQL database account has no password or an easily guessed password, allowing a remote attacker to make unauthorized queries. Resolution Set a strong password for all MySQL...

8.2AI score
Exploits0
saint
saint
•added 2009/05/11 12:0 a.m.•12 views

MySQL password weakness

Added: 05/11/2009 Background MySQL is an open-source database software package available for multiple platforms. Problem A MySQL database account has no password or an easily guessed password, allowing a remote attacker to make unauthorized queries. Resolution Set a strong password for all MySQL...

0.3AI score
Exploits0
saint
saint
•added 2009/05/11 12:0 a.m.•30 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.9AI score0.71468EPSS
Exploits8
saint
saint
•added 2009/05/11 12:0 a.m.•31 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.9AI score0.71468EPSS
Exploits8
saint
saint
•added 2009/05/11 12:0 a.m.•18 views

MySQL password weakness

Added: 05/11/2009 Background MySQL is an open-source database software package available for multiple platforms. Problem A MySQL database account has no password or an easily guessed password, allowing a remote attacker to make unauthorized queries. Resolution Set a strong password for all MySQL...

0.3AI score
Exploits0
saint
saint
•added 2009/05/11 12:0 a.m.•67 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.8AI score0.71468EPSS
Exploits8
saint
saint
•added 2009/05/11 12:0 a.m.•31 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.9AI score0.71468EPSS
Exploits8
saint
saint
•added 2009/05/11 12:0 a.m.•10 views

MySQL password weakness

Added: 05/11/2009 Background MySQL is an open-source database software package available for multiple platforms. Problem A MySQL database account has no password or an easily guessed password, allowing a remote attacker to make unauthorized queries. Resolution Set a strong password for all MySQL...

8.2AI score
Exploits0
saint
saint
•added 2009/05/07 12:0 a.m.•42 views

Windows SMB credential reflection vulnerability

Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB.aspx protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a...

9.3CVSS6.6AI score0.59136EPSS
Exploits9
saint
saint
•added 2009/05/07 12:0 a.m.•65 views

Windows SMB credential reflection vulnerability

Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB.aspx protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a...

9.3CVSS6.6AI score0.59136EPSS
Exploits9
saint
saint
•added 2009/05/07 12:0 a.m.•57 views

Windows SMB credential reflection vulnerability

Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a remote...

9.3CVSS6.6AI score0.59136EPSS
Exploits9
saint
saint
•added 2009/05/07 12:0 a.m.•51 views

Windows SMB credential reflection vulnerability

Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a remote...

9.3CVSS6.6AI score0.59136EPSS
Exploits9
saint
saint
•added 2009/05/06 12:0 a.m.•48 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.2AI score0.08036EPSS
Exploits5
saint
saint
•added 2009/05/06 12:0 a.m.•33 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
saint
saint
•added 2009/05/06 12:0 a.m.•24 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
saint
saint
•added 2009/05/06 12:0 a.m.•43 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
saint
saint
•added 2009/05/05 12:0 a.m.•25 views

Symantec Alert Management System Intel Alert Originator Service msgsys.exe buffer overflow

Added: 05/05/2009 CVE: CVE-2009-1430 BID: 34674 OSVDB: 54159 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel Alert Originator IAO service is a component of AMS2. The msgsys.exe process is a preprocessor for the IAO service and listens on TCP...

9.3CVSS7.8AI score0.55088EPSS
Exploits9
saint
saint
•added 2009/05/05 12:0 a.m.•40 views

Symantec Alert Management System Intel Alert Originator Service msgsys.exe buffer overflow

Added: 05/05/2009 CVE: CVE-2009-1430 BID: 34674 OSVDB: 54159 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel Alert Originator IAO service is a component of AMS2. The msgsys.exe process is a preprocessor for the IAO service and listens on TCP...

9.3CVSS7.8AI score0.55088EPSS
Exploits9
saint
saint
•added 2009/05/05 12:0 a.m.•22 views

Symantec Alert Management System Intel Alert Originator Service msgsys.exe buffer overflow

Added: 05/05/2009 CVE: CVE-2009-1430 BID: 34674 OSVDB: 54159 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel Alert Originator IAO service is a component of AMS2. The msgsys.exe process is a preprocessor for the IAO service and listens on TCP...

9.3CVSS7.8AI score0.55088EPSS
Exploits9
saint
saint
•added 2009/05/05 12:0 a.m.•41 views

Symantec Alert Management System Intel Alert Originator Service msgsys.exe buffer overflow

Added: 05/05/2009 CVE: CVE-2009-1430 BID: 34674 OSVDB: 54159 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel Alert Originator IAO service is a component of AMS2. The msgsys.exe process is a preprocessor for the IAO service and listens on TCP...

9.3CVSS7.8AI score0.55088EPSS
Exploits9
saint
saint
•added 2009/05/04 12:0 a.m.•45 views

Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

9.3CVSS6.4AI score0.11843EPSS
Exploits5
saint
saint
•added 2009/05/04 12:0 a.m.•45 views

Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

9.3CVSS8.8AI score0.11843EPSS
Exploits5
saint
saint
•added 2009/05/04 12:0 a.m.•56 views

Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

9.3CVSS8.1AI score0.11843EPSS
Exploits5
saint
saint
•added 2009/05/04 12:0 a.m.•57 views

Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

9.3CVSS8.8AI score0.11843EPSS
Exploits5
saint
saint
•added 2009/04/29 12:0 a.m.•44 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

9CVSS10AI score0.87036EPSS
Exploits12
saint
saint
•added 2009/04/29 12:0 a.m.•41 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

9CVSS10AI score0.87036EPSS
Exploits12
saint
saint
•added 2009/04/29 12:0 a.m.•24 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

9CVSS10AI score0.87036EPSS
Exploits12
saint
saint
•added 2009/04/29 12:0 a.m.•126 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

9CVSS10AI score0.87036EPSS
Exploits12
saint
saint
•added 2009/04/23 12:0 a.m.•35 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•60 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•45 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.3AI score0.43063EPSS
Exploits4
saint
saint
•added 2009/04/23 12:0 a.m.•34 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•30 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.3AI score0.43063EPSS
Exploits4
saint
saint
•added 2009/04/23 12:0 a.m.•42 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•41 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.3AI score0.43063EPSS
Exploits4
saint
saint
•added 2009/04/23 12:0 a.m.•34 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.4AI score0.43063EPSS
Exploits4
saint
saint
•added 2009/04/20 12:0 a.m.•29 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
saint
saint
•added 2009/04/20 12:0 a.m.•37 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
saint
saint
•added 2009/04/20 12:0 a.m.•30 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
saint
saint
•added 2009/04/20 12:0 a.m.•26 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
saint
saint
•added 2009/04/17 12:0 a.m.•29 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
saint
saint
•added 2009/04/17 12:0 a.m.•28 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
saint
saint
•added 2009/04/17 12:0 a.m.•29 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
saint
saint
•added 2009/04/17 12:0 a.m.•30 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
saint
saint
•added 2009/04/10 12:0 a.m.•21 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

0.2AI score
Exploits0
saint
saint
•added 2009/04/10 12:0 a.m.•26 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

0.2AI score
Exploits0
saint
saint
•added 2009/04/10 12:0 a.m.•52 views

Oracle WebLogic Server IIS Connector JSESSIONID buffer overflow

Added: 04/10/2009 CVE: CVE-2008-5457 BID: 33177 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability in the WebLogic IIS connector allows remote attackers to execute arbitrary commands by sending a long, special...

10CVSS7.5AI score0.61309EPSS
Exploits12
Total number of security vulnerabilities4305