16763 matches found
(0Day) WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 Connect Method Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebGate eDVR Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CMapElement Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(Mobile Pwn2Own) Apple iOS SSL Sandbox Bypass Vulnerability
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SSL...
ManageEngine Password Manager Pro UploadAccountActivities filename Directory Traversal Denial of Service Vulnerability
This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of ManageEngine Password Manager Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadAccountActivities servlet. The issue lies in...
Adobe Flash Player Regular Expression Object Out-Of-Bound Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose arbitrary memory on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Regular Expressio...
SAP SQL Anywhere .NET Data Provider SPACE Function Heap Overflow Code Execution Vulnerability
This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of the SPACE function. If an application allows untrusted input to be used as the length of a SPACE function in a...
Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Dell SonicWALL Global Management System GMS virtual appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the GMS ViewPoint GMSVP web application...
Microsoft Word Style Tag Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Hewlett-Packard Network Node Manager ovopi.dll Option -L Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsin...
Hewlett-Packard Network Node Manager ovopi.dll Stack Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on UDP port 696. When parsing...
Novell Groupwise Administration Server FileUploadServlet poLibMaintenanceFileSave Information Disclosure Vulnerability
This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of the poLibMaintenanceFileSave parameter within the FileUploadServlet...
Microsoft Internet Explorer CScriptData Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Attachmate Reflection Secure FTP Client rftpcom.dll SaveSettings Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Attachmate Reflection Secure FTP Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Microsoft Internet Explorer CTableRow Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
AlienVault OSSIM av-centerd Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the av-centerd SOAP service. The issue lies in the handling of the requests due to a...
Advantech WebAccess Remote Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChkCookieNoRedir function. By providing arbitrary values to certai...
(Pwn2Own) Microsoft Windows DirectShow Privilege Escalation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
Cogent DataHub Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent DataHub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. This active server page is vulnerab...
Microsoft Internet Explorer Heap Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard Data Protector Backup Client Service Opcode 42 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute remote code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP port 5555...
Microsoft Internet Explorer CSelectTracker Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Oracle BPEL Process Manager ScriptServlet Remote Code Execution Vulnerability
This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Oracle BPEL Process Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ScriptServlet. It suffers of a directory traversal vulnerability...
GE Proficy CIMPLICITY CimWebServer Password Decode Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy CIMPLICITY. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CimWebServer component. This component performs insufficient bounds checking...
Oracle Java CMMImageLayout Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CMMImageLayout...
Mozilla Firefox mozVibrate Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the construction...
Novell GroupWise Messenger import Command Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Messenger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Oracle Java JavaFX D3DRendererDelegate Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JavaFX...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra Ping Hostname Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically with the LHNModParam component. This process...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra Set Disk Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically with the hel.module component. This process...
IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dwa85W.cab...
EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Autostart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ftAgent.exe service, which listens by default on TCP port 8045. When handling messag...
Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuicktimeH26...
Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll...
Adobe Reader U3D PCX Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image...
Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe. The problem affecting the part of...
WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit as utilized by either Apple Safari, or Google's Chrome browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...
Symantec Web Gateway forget.php SQL Injection Vulnerability
This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of the Symantec Web Gateway appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the username parameter of POST requests to the forget.php script. The...
Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...
Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how...
Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Calendar Manager RPC Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CMSD server rpc.cmsd which listens by default on UDP port 32768. The...
Adobe Acrobat Reader U3D Texture psd RLE Decompression Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw occurs when parsing a document...
(0Day) Lotus Domino Server diiop getEnvironmentString Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the ndiiop.exe component which listens by default on a dynamic TCP port. When handling a GIOP...
Symantec AMS Intel Alert Handler Modem String Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.ex...
RealNetworks RealPlayer ICY Protocol StreamTitle Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerability installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must open a malicious SHOUTcast Stream. The specific flaw exists in the processing of the...
Apple QuickTime PICT directBitsRect Pack3 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
Microsoft Office PowerPoint Unknown Animation Node Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2003. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...