Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2018/01/10 12:0 a.m.59 views

CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability(CVE-2017-12113)

Summary An exploitable improper authorization vulnerability exists in adminnodeInfo API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...

8.1AI score0.01485EPSS
Exploits2
seebug.org
seebug.org
added 2018/01/02 12:0 a.m.59 views

D-Link DSL-6850U Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes two 2 vulnerabilities found in D-Link DSL-6850U versions BZ1.00.01 – BZ1.00.09. D-Link DSL-6850U is a router “manufactured by D-Link for Bezeq in Israel” The vulnerabilities found are: Default Credentials Remote Command Execution Credit An...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2017/11/23 12:0 a.m.59 views

WebKit: out-of-bounds read in WebCore::SimpleLineLayout::RunResolver::runForPoint(CVE-2017-13784)

There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. ASan log: ================================================================= ==30436==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x606000560c48 at pc...

6.8CVSS7AI score0.05787EPSS
Exploits4
seebug.org
seebug.org
added 2017/11/14 12:0 a.m.60 views

Foscam IP Video Camera webService dyndns.com DDNS Client Code Execution Vulnerability(CVE-2017-2856)

Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...

8.5AI score0.0166EPSS
Exploits2
seebug.org
seebug.org
added 2017/11/13 12:0 a.m.59 views

wget HTTP integer overflow(CVE-2017-13089)

That’s an interesting vulnerability in GNU wget. According to the wget project, this was reported by Antti Levomäki, Christian Jalio, Joonas Pihlaja of Forcepoint as well as Juhani Eronen of the Finnish National Cyber Security Centre. The vulnerability is in src/http.c source code file and more...

9.3CVSS8.9AI score0.79855EPSS
Exploits3
seebug.org
seebug.org
added 2017/09/13 12:0 a.m.59 views

FreeRDP Rdp Client License Read Challenge Packet Denial of Service Vulnerability(CVE-2017-2839)

Summary An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use ma...

6.9AI score0.01722EPSS
Exploits1
seebug.org
seebug.org
added 2017/06/08 12:0 a.m.59 views

xycms b_title parameter sql injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/05/12 12:0 a.m.59 views

Google Nexus 9 Cypress SAR Firmware Injection via I2C(CVE-2017-0563)

Product Google Nexus 9 Vulnerable Version Nexus 9 Android Builds before N4F27B - May 2017, i.e. before bootloader 3.50.0.0143. Mitigation Install N4F27B or later bootloader version 3.50.0.0143. Technical Details The Nexus 9 device contains a sensor SoC manufactured by Cypress. The sensor is manag...

9.3CVSS7.9AI score0.00889EPSS
Exploits3
seebug.org
seebug.org
added 2017/05/08 12:0 a.m.59 views

Joomla! Core XSS Vulnerability(CVE-2017-7985)

Joomla! is one of the world's most popular content management system CMS solutions. It enables users to build custom Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of November 2016,...

4.3CVSS6.8AI score0.01333EPSS
Exploits2
seebug.org
seebug.org
added 2017/05/02 12:0 a.m.59 views

Heap Overflow Vulnerability in Citrix NetScaler Gateway (CVE-2017-7219)

After presenting my findings on the Swisscom router at the CybSecConference last year, I started looking for a new product to analyze. I quickly found that it’s possible to download virtual “demo” appliances of Citrix products, so I went on to download a Netscaler VPX, which at the time was at...

9CVSS9.7AI score0.04856EPSS
Exploits2
seebug.org
seebug.org
added 2017/04/13 12:0 a.m.59 views

OS Command Injection Vulnerability in ASG and CAS (CVE-2016-9091)

The Advanced Secure Gateway ASG and Content Analysis System CAS management consoles provide a web UI for appliance administrators to manage and monitor the respective appliance. Each management console provides limited functionality to administrators and does not provide them with access to the...

9CVSS7.7AI score0.10126EPSS
Exploits8
seebug.org
seebug.org
added 2017/03/20 12:0 a.m.59 views

Microsoft Internet Explorer Elevation of Privilege Vulnerability (CVE-2017-0154)

Original link: a Broken Browser Original author: Manuel Caballero Translation: Holic know Chong Yu 404 security lab Today we know from Internet Explorer since the birth there has been function. This feature allows the Web Developer instance of the external object, and therefore be the attacker to...

5.8CVSS6.5AI score0.10565EPSS
Exploits1
seebug.org
seebug.org
added 2017/03/16 12:0 a.m.59 views

RoundCube Webmail mail <1.0.5 body stored XSS(CVE-2015-1433)

RoundCube Webmail is a foreign use of a wide an open source php e-mail system, the meaning is still quite large. roundcube webmail official website: , download the latest version. /program/lib/Roundcube/rcubewashtml.php this file is actually a rich text filter class class rcubewashtml it. roundcu...

4.3CVSS8.5AI score0.03279EPSS
Exploits2
seebug.org
seebug.org
added 2016/11/02 12:0 a.m.59 views

Schneider Electric Magelis HMI Advanced Panel denial of service vulnerability (PanelShock)

IMPROPER IMPLEMENTATION OF HTTP GET REQUEST CVE-2016-8367 / SVE-82003201 The timeout value for closing an HTTP client's requests in the Web Gate service is too long and allows a malicious attacker to open multiple connections to the targeted web server and keep them open for as long as possible b...

7.8CVSS6.2AI score0.04301EPSS
Exploits1
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.59 views

phpwind V9.0 /windid/admin.php 验证码绕过漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.59 views

用友致远A6协同系统messageViewer.jsp三处SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/11 12:0 a.m.59 views

多款Adobe产品整数溢出漏洞CVE-2014-0569

漏洞类型:整数溢出漏洞 影响组件介绍:Adobe Flash Player、Adobe AIR SDK和Adobe AIR SDK & Compiler都是美国奥多比(Adobe)公司的产品。Adobe Flash Player是一款多媒体播放器产品;Adobe AIR SDK和Adobe AIR SDK & Compiler都是适用于Adobe AIR(一个跨操作系统的运行时环境)的标准开发工具包。 漏洞分析: 原因: action script...

10CVSS6.5AI score0.90208EPSS
Exploits5
seebug.org
seebug.org
added 2015/09/22 12:0 a.m.59 views

FE协作办公平台 /servlet/ChangeBGServlet 任意文件上传漏洞

漏洞文件:/servlet/ChangeBGServlet漏洞参数:skinName影响版本:FE5.5.2及以下版本代码片段: public void doGetHttpServletRequest request, HttpServletResponse response throws ServletException, IOException String savePath = getServletConfig.getServletContext.getRealPath""; String themeDir =...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2015/08/27 12:0 a.m.59 views

网康VPN设备6.3.1越权访问

网康vpn设备虽然设置了授权访问,但是大部分页面可以越权绕过访问。1,https://xx.xx.xx.x/vpnweb/bulletin.php?para=admin/index.php绕过认证直接访问后台认证,使用burp抓包,得到url地址!网康vpn设备设计缺陷,可以远程直接重启。直接访问vpn设备的地址https://xxx.xx.xx.xx//admin/devicestatus.php点击重启,直接可以重启设备!影响的型号为6.3.1版本...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/04/07 12:0 a.m.59 views

致远软件某网站漏洞合集

简要描述: 致远软件某网站漏洞合集,能不能给20rank 详细说明: 致远软件自助服务网站 问题如下: SQL注入 问吧管理员弱口令 任意文件上传 漏洞证明: SQL注入证明------------开始 注入点为 http://support.seeyon.com/ask/base/QuestionHandler.ashx?callback=jsonp1428044230217&mode=list&title=ceshi 注入类型 获取数据库列表 SQL注入证明------------结束 问吧管理员弱口令证明------------开始 后台地址...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/02/11 12:0 a.m.59 views

某在线培训系统通用SQL注入漏洞

简要描述: 捡漏不易 详细说明: 捡漏一处: 该系统主要针对网上学习的。数据库里面包含有很多老师、学生的个人信息。 漏洞类型:SQL注入 危害度:高危 漏洞位置:WebOrg/UserRegist.aspx 参数:USERNAME 厂商:上海天柏信息科技有限公司 厂商网站:http://www.timber2005.com/ 漏洞证明: 关键字:inurl:webOrg 可自由构造 部分案例: http://webcourse.vixue.net/WebOrg/UserRegist.aspx http://www.gxkjks.com/WebOrg/UserRegist.aspx...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/02/05 12:0 a.m.59 views

ESPCMS 6.2 /interface/order.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/12/08 12:0 a.m.59 views

Wordpress wpDataTables Plugin 1.5.3 /wpdatatables.php SQL注入漏洞

wpdatatables.php // AJAX-handlers addaction 'wpajaxgetwdtable', 'wdtgetajaxdata' ; addaction 'wpajaxnoprivgetwdtable', 'wdtgetajaxdata' ; / Handler which returns the AJAX response / function wdtgetajaxdata $id = $GET'tableid'; $tabledata = wdtgettablebyid $id ; $columndata = wdtgetcolumnsbytablei...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)

No description provided by source. / $Id: raptorprctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptorprctl.c - Linux 2.6.x suiddumpable vulnerability Copyright c 2006 Marco Ivaldi [email protected] The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16...

4.6CVSS6.4AI score0.04387EPSS
Exploits17
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Washington University wu-ftpd 2.5 .0 message Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/726/info There is a buffer overflow in wu-ftpd message file expansions which may be remotely exploitable. In situations where the message file can be written to in some way remotely by regular or anonymous users, this may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

HP Data Protector 6.20 EXEC_CMD Buffer Overflow Vulnerability

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ HP Data Protector EXECCMD Buffer Overflow Vulnerability 1. Advisory Information Title: HP Data Protector EXECCMD Buffer Overflow...

10CVSS6.5AI score0.2089EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Webkit Normalize Bug - Android 2.2

No description provided by source. !-- CVE-2010-1759 webkit normalize bug Tested on Moto Droidx2 running 2.2. Droidx2 running 2.3 is vulnerable but exploit fails due to non-executable heap. Still working on a way around that : 2.1 - 2.3 emulator. The changes needed are documented in the code. The...

9.3CVSS8.8AI score0.15733EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta)

No description provided by source. $Id: suitlink.rb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Spring Framework arbitrary code execution

No description provided by source. CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions may also be...

6CVSS9.6AI score0.52003EPSS
Exploits11
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Open&Compact FTP Server 1.2 (Gabriel's FTP Server) - Auth Bypass & Directory Traversal SAM Retrieval Exploit

No description provided by source. !/usr/bin/python Exploit Title: Open&Compact Ftp Server = 1.2 Auth bypass & directory traversal sam retrieval Date: Aug 7, 2013 By Wireghoul - http://www.justanotherhacker.com Based on Serge Gorbunov's auth bypass http://www.exploit-db.com/exploits/13932/ Softwa...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Manhali 1.8 - Local File Inclusion Vulnerability

No description provided by source. Exploit Title: Manhali v1.8 Local File Inclusion Vulnerability Date: 20/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.manhali.com/ Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.60 views

MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

9.3CVSS0.2AI score0.70121EPSS
Exploits21
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

php blue dragon cms 3.0.0 - Remote File Inclusion Vulnerability

No description provided by source. // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zaprasza...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Joomla Media Manager File Upload Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Konqueror 4.7.3 Memory Corruption

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20121010 Date: 10th October 2012 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Konqueror 4.7.3...

9.3CVSS0.2AI score0.12599EPSS
Exploits10
seebug.org
seebug.org
added 2014/04/09 12:0 a.m.59 views

Linux Kernel 'handle_rx()'函数拒绝服务漏洞

Bugtraq ID:66678 CVE ID:CVE-2014-0077 Linux Kernel是Linux操作系统的内核。 Linux kernel在handlerx函数处理较大数据包时存在拒绝服务漏洞,攻击者可利用此漏洞使受影响应用崩溃。 0 Linux kernel 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.kernel.org/...

5.5CVSS0.00816EPSS
Exploits1
seebug.org
seebug.org
added 2014/03/04 12:0 a.m.59 views

KVM &quot;complete_emulated_mmio()&quot;内存破坏漏洞

CVE ID:CVE-2014-0049 Linux Kernel是一款开源的操作系统。 由于处理重复模拟推送时"completeemulatedmmio"方法中的错误,可导致内存破坏。 0 KVM Kernel-based Virtual Machine 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a08d3b3b...

7.4CVSS0.00775EPSS
Exploits1
seebug.org
seebug.org
added 2013/09/26 12:0 a.m.59 views

songcms 3.16 /global.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/09/18 12:0 a.m.59 views

Linux Kernel 'sctp_v6_xmit()'函数信息泄露漏洞(CVE-2013-4350)

BUGTRAQ ID: 62405 CVECAN ID: CVE-2013-4350 Linux Kernel是Linux操作系统的内核。 Linux kernel在sctpv6xmit中存在ipv6加密bug,攻击者可利用此漏洞泄露敏感信息。 0 Linux kernel 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...

5CVSS0.2AI score0.04144EPSS
Exploits2
seebug.org
seebug.org
added 2013/06/30 12:0 a.m.59 views

WordPress 3.5.1 crypt_private()远程拒绝服务漏洞(CVE-2013-2173)

No description provided by source...

4.3CVSS0.9AI score0.03373EPSS
Exploits2
seebug.org
seebug.org
added 2012/11/09 12:0 a.m.59 views

Ecshop 2.7.3 user.php Sql注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/10/16 12:0 a.m.59 views

phpMyAdmin 3.5.x HTML注入漏洞

Bugtraq ID:55925 CVE ID:CVE-2012-5339 phpMyAdmin是一款基于PHP的MySQL管理程序。 phpMyAdmin Trigger, Procedure和Event页面不正确转义HTML输出,使用特殊名创建/修改trigger, event或procedure时,可触发跨站脚本攻击,可获得敏感信息或劫持用户会话。 0 phpMyAdmin 3.5.x 厂商解决方案 phpMyAdmin 3.5.3已经修复此漏洞,建议用户下载使用: http://www.phpmyadmin.net/...

3.5CVSS6.5AI score0.01449EPSS
Exploits1
seebug.org
seebug.org
added 2012/07/10 12:0 a.m.59 views

Apache Hadoop信息泄露漏洞

BUGTRAQ ID: 54358 CVE ID: CVE-2012-3376 Hadoop是Apache软件基金会所研发的开放源码并行运算编程工具和分散式档案系统。 Apache Hadoop 2.0.0-alpha在实现上存在信息泄露漏洞,成功利用后可允许攻击者获取敏感信息。 0 Apache Group Hadoop 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...

7.5CVSS6.5AI score0.02655EPSS
Exploits1
seebug.org
seebug.org
added 2012/05/09 12:0 a.m.59 views

Microsoft Windows TrueType字体引擎远程代码执行漏洞(CVE-2012-0159)(MS12-034)

BUGTRAQ ID: 53335 CVE ID: CVE-2012-0159 Microsoft Windows是流行的计算机操作系统。 受影响的组件处理特制 TrueType 字体文件的方式中存在一个远程执行代码漏洞。如果用户打开特制的 TrueType 字体文件,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 0 Microsoft Windows XP Professional x64 Edition SP Microsoft Windows Windows XP...

9.3CVSS6.3AI score0.26816EPSS
Exploits1
seebug.org
seebug.org
added 2012/05/09 12:0 a.m.59 views

Microsoft Windows本地键盘布局处理权限提升漏洞(CVE-2012-0181)(MS12-034)

BUGTRAQ ID: 53326 CVE ID: CVE-2012-0181 Microsoft Windows是流行的计算机操作系统。 Windows内核模式驱动程序管理键盘布局文件的方式中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者随后可安装程序;查看、更改或删除数据;或者创建拥有完全管理权限的新帐户。 0 Microsoft Windows Windows XP Service Pack 3 0 Microsoft Windows Windows XP Professional x64 Ed Microsoft Windows Windows ...

7.2CVSS6.3AI score0.03401EPSS
Exploits1
seebug.org
seebug.org
added 2012/02/28 12:0 a.m.59 views

MySQL 5.5.20不明细节远程代码执行漏洞

BUGTRAQ ID: 52154 MySQL是一个小型关系型数据库管理系统,开发者为瑞典MySQLAB公司,在2008年1月16号被Sun公司收购。 MySQL在实现上存在远程代码执行漏洞,攻击者可利用此漏洞执行任意代码。 0 Oracle MySQL 5.5.20 厂商补丁: Oracle ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.oracle.com/technetwork/topics/security/...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2011/05/26 12:0 a.m.59 views

PHP &lt;= 5.3.5 socket_connect() Buffer Overflow Vulnerability

No description provided by source. ?php // Credit: Mateusz Kocielski, Marek Kroemeke and Filip Palian // Affected Versions: 5.3.3-5.3.6 echo "+ CVE-2011-1938"; echo "+ there we go...\n"; define'EVILSPACEADDR', "\xff\xff\xee\xb3"; define'EVILSPACESIZE', 102410248; $SHELLCODE =...

7.5CVSS0.6AI score0.22724EPSS
Exploits13
seebug.org
seebug.org
added 2011/03/18 12:0 a.m.59 views

PHP &quot;substr_replace()&quot;释放后重用远程内存破坏漏洞

BUGTRAQ ID: 46843 CVE ID: CVE-2011-1148 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的"substrreplace"函数在实现上存在释放后重用远程内存破坏漏洞,远程攻击者可利用此漏洞在网络服务器中执行任意代码,造成拒绝服务。 此漏洞源于在将同一个变量多次发送到"substrreplace"函数时,PHP会使该函数中的三个变量使用同一个指针,所以当函数中的类型转换更改了该指针,该指针也会使其他变量无效。 PHP PHP 5.3.x PHP PHP 5.2.x 厂商补丁: PHP ---...

7.5CVSS8.2AI score0.04609EPSS
Exploits1
seebug.org
seebug.org
added 2010/10/17 12:0 a.m.59 views

Microsoft Office HtmlDlgHelper Class Memory Corruption

No description provided by source. Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com Microsoft Office HtmlDlgHelper class memory corruption 1. Advisory Information Title: Microsoft Office HtmlDlgHelper class memory corruption Advisory Id: CORE-2010-0517 Advisory URL:...

9.3CVSS0.28842EPSS
Exploits7
Total number of security vulnerabilities5000