16763 matches found
HP Business Process Monitor tp_bpm_admin.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Business Process Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the tpbpmadmin.exe server which listens by default...
Hewlett-Packard Intelligent Management Center CommonUtils Static DES/ECB Decryption Key Vulnerability
This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CommonUtil class. This application uses a stat...
Oracle Java NumberFormatter and RealTimeSequencer Sandbox Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...
HP PCM+ AgentController Servlet Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaws exist within the Agent servlet. This servlet is vulnerable to a command injection vulnerability when...
(0Day) (Mobile Pwn2Own) Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable Polaris Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the parsing of a DOCX file. A tag associated with a VML shap...
Adobe Flash Player Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the PCM processing...
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 259 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 259, the...
Apple QuickTime 3GP Parsing Remote Code Execution Vunerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Microsoft Internet Explorer VML TextBox Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Oracle Document Capture BlackIceDevMode.ocx ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Document Capture. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t2k.dll...
Microsoft Internet Explorer RDP ActiveX Control Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Remo...
Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Cisco Clean Access Manager filter SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of filter URL parameters when constructing SQL database queries. By...
Mozilla Firefox obj_toSource Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the objtoSource...
Oracle Java JavaFX WCGraphicsManager Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JavaFX...
Microsoft Internet Explorer CMarkup outerText Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Novell iPrint nipplib.dll client-file-name Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...
Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The...
Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...
DataDirect OpenAccess oaagent.exe GIOP Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in thi...
RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Real Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within rn4auth.dll, which is responsible for parsing authentication credentials. When the...
Symantec Web Gateway upload_file Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while...
HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP...
LibTIFF TileSize Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LibTIFF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the LibTIFF Library and...
IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 Multiple Remote Code Execution Vulnerabilities
IBM Tivoli Provisioning Manager soapServlet SOAP Message Printer.getPrinterAgentKey SQL Injection Vulnerability This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Provisioning Manager Express for Software Distribution. Authentication is...
(0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incomming packets with 0x00000000 as t...
Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
EMC Autostart Domain Name Logging Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the packet error handling of the application. When building an error...
CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite r12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module CA Gateway Security for HTTP, which responds to...
Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Intern...
Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...
Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase OneBridge Mobile Data Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the iMailGatewayService server process ECTrace.dll which listens fo...
Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GlassFish Application Server and Oracle Java Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Web Administration component which...
CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Endpoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within CA.Itm.Server.ManagementWS.dll. Due to a failure to properly sanitize...
RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the temporary fil...
(0Day) Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability
This vulnerability allows an attacker to execute remote code on vulnerable installations of Hewlett-Packard Data Protector. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Cell Manager Service which listens by default on a random TCP port. The...
(0Day) IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nLDAP.exe component which listens by default on TCP port 389. When handling the an LDAP Bi...
(0Day) Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application...
Novell GroupWise Internet Agent TZID Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages...
Novell GroupWise Internet Agent REQUEST-STATUS Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages...
RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is requires in that a target must navigate to a malicious page. The specific flaw exists within the HandleAction method of the RealPlayer ActiveX control...
RealNetworks RealPlayer RTSP GIF Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the...
RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the RealPlayer ActiveX control...
Oracle Java ActiveX Plugin Uninitialized Window Handle Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java platform that utilize the ActiveX Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
Oracle Database Java Stored Procedure Race Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to break out of the Java Sandbox implemented by Oracle's relational database. Authentication is required in that a user must be able to create a Java stored procedure to trigger the issue. The specific flaw exists within Oracle's custom SecurityManager...
Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...