IBM Lotus Notes code execution
URI handler command injection...
[security bulletin] HPSBUX02806 SSRT100789 rev.2 - HP Serviceguard, Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03457976 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03457976 Version: 2 HPSBUX02806...
ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-152 August 22, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...
EMC Autostart buffer overflow
Multiple buffer overflows...
Microsoft Office multiple security vulnerabilities
Memory corruption on RTF parsing, multiple Excel memory corruptions, memory corruption in Visio Viewer...
ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-160 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-158 August 22, 2012 - -- CVE ID: CVE-2012-1891 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-159 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-161 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-157 August 22, 2012 - -- CVE ID: CVE-2012-1847 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-156 August 22, 2012 - -- CVE ID: CVE-2012-2493 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -...
Microsoft Windows multiple security vulnerabilities
Microsoft XML Services memory corruption, ADO memory corruption, kernel driver vulnerabilities, Windows Shell command injection, TLS vulnerabilities...
[USN-1541-1] libotr vulnerability
========================================================================== Ubuntu Security Notice USN-1541-1 August 16, 2012 libotr vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
SAP Crystal Reports buffer overflow
Buffer overflow on network data parsing...
ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-140 August 17, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
[slackware-security] emacs (SSA:2012-228-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security emacs SSA:2012-228-02 New emacs packages are available for Slackware 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...
emacs protection bypass
"enable-local-variables" doesn't work...
ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-138 August 17, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
SAP Business Objects Financial Consolidation ActiveX buffer overflow
CtAppReg.dll buffer overflow...
Microsoft Exchange Server WebReady Document Viewing multiple security vulnerabilities
Multiple vulnerabilities in embedded Oracle Outside In technology...
rssh restrictions bypass
It's possible to execute shell commands...
McAfee SmartFilter Administration Server code execution
Code execution via RMI services...
ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-139 August 17, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: SAP - ...
NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3
High Risk Vulnerability in Microsoft Windows Remote Desktop 17 August 2012 Edward Torkington of NCC Group has discovered a High risk vulnerability in Microsoft Windows Remote Desktop Impact: Remote Code Execution Versions affected: Windows XP SP3 An updated version of the software has been releas...
Internet Explorer Script Interjection Code Execution
Internet Explorer Script Interjection Code Execution Derek Soeder [email protected] Reported: January 26, 2012, to SecuriTeam Secure Disclosure http://www.beyondsecurity.com/ssd.html Published: August 16, 2012 AFFECTED VENDOR --------------- Microsoft Corporation AFFECTED ENVIRONMENTS...
ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-141 August 17, 2012 - -- CVE ID: CVE-2012-1855 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
[ MDVSA-2012:135 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:135 http://www.mandriva.com/security/ Package : wireshark Date : August 16, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were found and corrected in Wireshark: The DCP ET...
Cisco IOS XR DoS
Crash on received packet processing...
[SECURITY] [DSA 2530-1] rssh security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq -...
Oracle Java multiple security vulnerabilities
14 different vulnerabilities...
Microsoft Windows multiple security vulnerabilities
RDP use-after-free, Remote Administration Protocol multiple security vulnerabilities, Print Spooler Service format string vulnerability, use-after-free in win32k.sys...
Apple QuickTime multiple security vulnerabilities
Multiple memory corruptions on parsing of different multimedia formats, cross-site scripting...
GIMP script-fu buffer overflow
Buffer overflow on message parsing, shell execution...
Wireshark security vulnerabilities
A few different DoS conditions in NFS and PPP dissectors...
GIMP Scriptfu Python Remote Command Execution
Summary ======= There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host. The advisory is posted her...
Microsoft Visio buffer overflow
Buffer overflow on DXF file parsing...
libotr multiple buffer overflows
Multiple heap overflows...
Microsoft Internet Explorer multiple security vulnerabilities
Memory corruptions, integer overflow, function pointer corruption...
ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-144 August 17, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-137 August 17, 2012 - -- CVE ID: CVE-2012-0651 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C...
Microsoft Windows multiple security vulnerabilities
Code execution via .Net, kernel and different kernel drivers privilege escalation...
ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-142 August 17, 2012 - -- CVE ID: CVE-2012-1713 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...
Apple Mac OS X multiple security vulnerabilities
Multiple vulnerabilities in different subsystems...
ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-143 August 17, 2012 - -- CVE ID: CVE-2012-1888 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Microsoft ...
ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-136 August 17, 2012 - -- CVE ID: CVE-2011-3220 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability
A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered. In most cases we do not believe this to be particularly severe in the absence o...
ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-130 August 3, 2012 - -- CVE ID: CVE-2011-3458 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affecte...
libxml integer overflows
Multiple integer overflows...
[ MDVSA-2012:127 ] libtiff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:127 http://www.mandriva.com/security/ Package : libtiff Date : August 8, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability was found and corrected in libtiff: A heap-based buff...
Microsoft Windows multiple security vulnerabilities
TCP/IP privilege escalation, partition manager privilege escalation, multiple security vulnerabilities in .Net, Silverlight, font management, GDI+, window components, etc...