CVE Cross Reference 2011
The information on this page may be obsolete. For the current documentation, please log into the mySAINT portal using your customer login and password.
Current CVEs
| CVE Description | SAINT®® Tutorial | SAINT®® Vuln. ID | SANS Top 20 | ||
 |
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag. |
IBM Rational AppScan vulnerabilities MacOSX vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver misc_macosx_version web_dev_tomcatver |
||
 |
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." |
VMWare ESX vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via multiple search requests. |
Red Hat Directory Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatdirectoryver | ||
|
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory. |
Red Hat Directory Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatdirectoryver | ||
|
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mdacrce11002 | ||
|
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118. |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mdacrce11002 | ||
|
WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_wordpadconv | ||
|
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_rdcill | ||
|
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023. |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11010 | ||
|
The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote attackers to trigger memory corruption and consequently obtain sensitive information via a crafted web site, aka "Scripting Engines Information Disclosure Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_vbscript | ||
|
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg file, aka "DirectShow Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mediacentertvms11015 win_patch_mediams11015 |
||
|
The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_opentypefontrce1 | ||
|
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted parameter values in an OpenType font, aka "OpenType Font Stack Overflow Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_opentypecff11032 | ||
|
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0036. |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035. |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 | ||
|
The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_lsasslen | ||
|
The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_adspndos | ||
|
Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability." |
Windows updates needed Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_gdiplus11029 win_patch_office2002 |
||
|
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mediacentertvms11015 win_patch_mediams11015 |
||
|
Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability." |
Windows Kerberos vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_kerberos | ||
|
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_kern11011 | ||
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability." |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scripting (XSS) attacks against logged-out users via a crafted URI. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox | |||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox | ||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Improper User Input Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11012 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11012 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Pointer Confusion Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11012 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Improper Pointer Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11012 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11012 | ||
|
Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES downgrade, aka "Kerberos Spoofing Vulnerability." |
Windows Kerberos vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_kerberos | ||
|
The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_visio2002ormelems win_patch_visio2003ormelems win_patch_visio2007ormelems |
||
|
ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Type Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_visio2002ormelems win_patch_visio2003ormelems win_patch_visio2007ormelems |
||
|
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 |
||
|
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11026 | ||
|
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted 400h substream in an Excel file, which triggers a stack-based buffer overflow, aka "Excel Integer Overrun Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelcpack win_patch_excelcpack2010 win_patch_excelview win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via an XLS file with a large record size, aka "Excel Heap Overflow Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelcpack win_patch_excelcpack2010 win_patch_excelview win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excelxp | ||
|
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Office Component Insecure Library Loading Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office11023 | ||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading Style Sheets (CSS) token sequences via a crafted web site. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavailability) via a crafted web site that conducts a cache-poisoning attack. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors related to the dragging of content. NOTE: this might overlap CVE-2011-0778. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image. |
iTunes vulnerabilities MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version web_client_safari |
||
|
AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue." |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
 |
Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. |
iTunes vulnerabilities MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version web_client_safari |
||
|
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. |
BlackBerry vulnerabilities iTunes vulnerabilities MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_blackberry_image misc_itunes misc_macosx_version web_client_safari |
||
|
Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202. |
MacOSX vulnerabilities Safari vulnerabilities HP SMH vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_client_safari web_tool_hpsmh |
||
|
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow. |
iTunes vulnerabilities MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version web_client_safari |
||
|
Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow. |
MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_client_safari |
||
|
Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document. |
MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_client_safari |
||
|
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image. |
iTunes vulnerabilities MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version web_client_safari |
||
|
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings. |
MacOSX vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_client_safari |
||
|
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site. |
VMWare ESX vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_safari |
||
|
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. |
FreeType vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lib_freetype misc_macosx_version |
||
|
Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue." |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. |
iTunes vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version |
||
|
The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate attackers to bypass intended access restrictions by typing into this window. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a malformed displayWidth option in the arg parameter. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via large values of variables to jovgraph.exe. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) Source Node or (2) Destination Node variable. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long data_select1 parameter. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long schd_select1 parameter. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name. |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability." |
HP Openview vulnerabilities |
net_ovnodemgrnnmrptconfigbo | ||
|
Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class. |
HP OpenView Performance Insight vulnerabilities |
web_prog_cgi_opvipwd | ||
|
Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors. |
JetAdmin vulnerabilities |
web_tool_jetadminver | ||
|
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence. |
VMWare ESX vulnerabilities Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_kerberospkg |
||
|
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. |
VMWare ESX vulnerabilities Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_kerberospkg |
||
|
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data. |
Kerberos detected Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_kerberospkg net_asteriskver |
||
|
The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors. |
BlackBerry vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_blackberry_routerver | ||
|
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors. |
BlackBerry vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_blackberry_ocsconnector | ||
|
Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to the lack of an error page for an application. |
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | ||
|
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request. |
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. |
Legato NetWorker vulnerabilities Note: Authentication is required to detect this vulnerability |
rpc_legatocategory_version | ||
|
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error." |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
 |
Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise mail_smtp_groupwisebo |
||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Lotus Notes email client vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever | |||
|
Lotus Notes email client vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever | |||
|
Lotus Notes email client vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever | |||
|
Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method. |
InduSoft vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_indusoftissymbolax | ||
|
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-2011-0350. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different vulnerability than CVE-2011-0349. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctj04707 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. |
Cisco ASA vulnerabilities Cisco firewall vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctg69457 net_cisco_fswmcsctl84952 |
||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctg66583 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctk12352 | ||
|
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack. |
PureFTPd vulnerabilities Cyrus imap version IMail vulnerabilities Postfix vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
ftp_pureftpd mail_imap_cyrus mail_imap_imail mail_smtp_postfix misc_macosx_version |
||
|
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. |
dhcpd vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_dhcpver | ||
|
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update. |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver | ||
|
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. |
MacOSX vulnerabilities IBM HTTP Server vulnerabilities Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_dev_ibmhttpserver web_server_apache_version web_tool_hpsmh |
||
|
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism. |
AOL ICQ vulnerability Note: Authentication is required to detect this vulnerability |
misc_icqver | ||
|
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability." |
Sybase EAServer app server vulnerabilities |
web_server_easerver | ||
|
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request. |
Sybase EAServer app server vulnerabilities |
web_server_easerver | ||
|
FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information. |
Blackmoon FTP vulnerabilities |
ftp_blackmoonftp | ||
|
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. |
Red Hat Directory Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatdirectoryver | ||
|
Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the extremecomponents table. |
Apache Archiva vulnerabilities Apache Continuum vulnerabilities |
web_prog_jsp_archivaver web_server_apache_continuum |
||
|
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request. |
MacOSX vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_dev_tomcatver |
||
|
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks. |
OpenSSH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
shell_ssh_openssh | ||
|
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors. |
Veritas Backup Exec Note: Authentication is required to detect this vulnerability |
misc_backupexecver | ||
|
Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow. |
VERITAS Storage vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_symantecvxsvc | ||
|
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. |
Symantec Web Gateway vulnerability |
misc_av_symantec_webgateway | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request. |
Symantec vulnerabilities |
misc_av_symantec_sepmgrxss | ||
|
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. |
Symantec vulnerabilities |
misc_av_symantec_sepmgrxss | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2) nav or (3) menuitem parameter to IMManager/Admin/IMAdminTOC_simple.asp, or the (4) action parameter to IMManager/Admin/IMAdminEdituser.asp. |
Symantec vulnerabilities |
misc_av_symantec_immanagerxss | ||
|
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
Symantec vulnerabilities |
misc_av_symantec_immanagerxss | ||
|
The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "code injection issue." |
Symantec vulnerabilities |
misc_av_symantec_immanagerxss | ||
|
The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use weak permissions for unspecified files, which allows attackers to gain privileges via unknown vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to obtain sensitive information via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607. |
Flash vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash | ||
|
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. |
Adobe Acrobat vulnerabilities Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011. |
Adobe Acrobat vulnerabilities Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, allows remote attackers to cause a denial of service (XML data corruption) via unspecified vectors. |
Flash Media Server vulnerabilities |
web_server_flashmedia | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to (1) wf_status.htm and (2) wf_topicfs.htm in RoboHTML/WildFireExt/TemplateStock/. |
Adobe RoboHelp Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_adobe_robohelpserverxss | ||
|
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-2011-0622. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-2011-0622. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0621. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0625, and CVE-2011-0626. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0626. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0625. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft Office document with an embedded .swf file. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
http Cold Fusion Note: Authentication is recommended to improve the accuracy of this check |
web_prog_cfm_mx | ||
|
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via the URI, aka "XSS in SharePoint Calendar Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_sharepointfound2010 win_patch_sharept201011074 |
||
|
Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information. |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_smb11019 | ||
|
Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document containing an invalid record, aka "Floating Point Techno-color Time Bandit RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office2004macver win_patch_office2008macver win_patch_office2011macver win_patch_ppt2007 win_patch_ppt2010 win_patch_pptconv2007 win_patch_pptview2007 win_patch_pptview2010 win_patch_pptwebserver2010 |
||
|
Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, which triggers an exception and later use of an unspecified method, aka "Persist Directory RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office2004macver win_patch_office2008macver win_patch_office2011macver win_patch_ppt2002 win_patch_ppt2003 win_patch_ppt2007 win_patch_ppt2010 win_patch_pptconv2007 win_patch_pptview2003 win_patch_pptview2007 win_patch_pptview2010 win_patch_pptwebserver2010 |
||
|
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability." |
Windows DNS vulnerabilities Windows updates needed Note: Authentication is required to detect this vulnerability |
dns_ms11030 win_patch_ms11030 |
||
|
Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka "OLE Automation Underflow Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_oleautomation11038 | ||
|
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_smb11019 | ||
|
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a malformed request in a (1) SMBv1 or (2) SMBv2 packet, aka "SMB Transaction Parsing Vulnerability." |
Windows updates needed Note: Authentication is recommended to improve the accuracy of this check |
win_patch_ms11020 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_scriptmemrealloc | ||
|
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Array Offset Vulnerability." |
Microsoft Silverlight vulnerabilities Microsoft NET Framework Note: Authentication is required to detect this vulnerability |
misc_silverlightmacver misc_silverlightver win_dotnet11039 |
||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_reallinux misc_realplayer |
||
|
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags within the tags meta box. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message. |
Mailman vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
mail_misc_mailman misc_macosx_version |
||
|
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read. |
MacOSX vulnerabilities PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version |
||
|
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. |
MacOSX vulnerabilities Apache Subversion vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_mod_apachesvnver |
||
|
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd. |
MacOSX vulnerabilities Samba vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version win_samba |
||
|
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors. |
Plone vulnerabilities |
web_cms_plone | ||
|
The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors. |
DB2 vulnerabilities |
database_db2ver | ||
|
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI. |
Nostromo nhttpd vulnerabilities |
web_server_nostromo_version | ||
|
The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. |
DB2 vulnerabilities |
database_db2ver | ||
|
The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in the Oracle Help component in Oracle Database Server 11.1.0.7, 11.2.0.1, 11.2.0.2, 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, and 10.1.0.5; and Oracle Fusion Middleware 11.1.1.2.0, 11.1.1.3.0, and 11.1.1.4.0 allows remote attackers to affect integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Application Service Level Management component in Oracle Database Server 11.1.0.7 and Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Service Level Agreements. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 (OWB) and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Dimensional Data Modeling. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 11.1.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Midtier Infrastructure. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 (OWB), 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Warehouse Builder User Account. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the UIX component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Network Foundation component in Oracle Database Server 10.1.0.5, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2, when running on Windows, allows remote attackers to affect availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5, allows local users to affect confidentiality via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the CMDB Metadata & Instance APIs component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality and integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors related to Rules Management UI. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality and integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0835 and CVE-2011-0880. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0832 and CVE-2011-0880. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Model. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Security Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4; and Oracle Enterprise Manager Grid Control 10.1.0.6; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Audit Administration. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. |
Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. |
HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
VMWare ESX vulnerabilities Java Web Start HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_javawebstart net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the EMCTL component in Oracle Database Server 11.1.0.7 and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors related to Security. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0832 and CVE-2011-0835. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the EMCTL component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Content Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3, 10.1.3.5, 10.1.4.0.1, and 10.1.4.3 allows remote authenticated users to affect integrity, related to Servlet Runtime in OC4J. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface. |
default device password |
net_docsispass | ||
|
Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2. |
Lotus Notes email client vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever | ||
|
Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H. |
Lotus Domino SMTP vulnerability |
mail_smtp_domino | ||
|
Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX. |
Lotus Domino LDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ldapdominover | ||
|
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS. |
Lotus Domino HTTP vulnerability |
web_server_lotus_domino | ||
|
The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147. |
Cisco IOS XR vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_iosxr | ||
|
Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417. |
Cisco IOS XR vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_iosxr | ||
|
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 do not properly handle Office Art containers that have invalid records, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PowerPoint document with a container that triggers certain access to an uninitialized object, aka "OfficeArt Atom RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office2004macver win_patch_office2008macver win_patch_ppt2002 win_patch_ppt2003 win_patch_ppt2007 win_patch_pptconv2007 win_patch_pptview2003 win_patch_pptview2007 |
||
|
Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office11023 win_patch_office2004macver win_patch_office2008macver |
||
|
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excelcpack win_patch_excelcpack2010 win_patch_excelxp |
||
|
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelview win_patch_excelview2007 win_patch_excelxp win_patch_office2011macver |
||
|
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excelxp |
||
|
Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. |
dhcpd vulnerabilities VMWare ESX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_dhcpver misc_esxbuild |
||
|
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information. |
ClamAV vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_av_clam misc_av_clamwinupx |
||
|
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack. |
Ruby vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_ruby | ||
|
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. |
Ruby vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_ruby | ||
|
Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. |
OpenLDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_openldap | ||
|
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password. |
OpenLDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_openldap | ||
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators. |
Apache Archiva vulnerabilities |
web_prog_jsp_archivaver | ||
|
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement. |
INFORMIX vulnerabilities Note: Authentication is required to detect this vulnerability |
database_informix_idsver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO. |
Lotus Sametime vulnerabilities |
web_server_lotus_sametimehttpxss | ||
|
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file. |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface." |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (out-of-memory exception and inability to analyze code) via a crafted Mach-O file. |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors. |
IDA Pro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_idaprover | ||
|
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error data within a DNS resolver key. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Apache Archiva vulnerabilities |
web_prog_jsp_archivaver | ||
|
The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function. |
MacOSX vulnerabilities PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version |
||
|
The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. |
rsyncd vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_rsyncdver | ||
|
Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
FSecure vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_av_fsecurefsc20112 | ||
|
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to obtain sensitive information via a request to an invalid report, which reveals the installation path in an error message, as demonstrated with requests to (1) report/infection-table.html or (2) report/productsummary-table.html. |
FSecure vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_av_fsecurefsc20112 | ||
|
Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. |
Joomla vulnerabilities |
web_prog_php_joomlaver | ||
|
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call. |
MacOSX vulnerabilities HP SMH vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_tool_hpsmh |
||
|
The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. |
BlackBerry vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_blackberry_image misc_macosx_version |
||
|
Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site. |
Konqueror vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_konqueror | ||
|
net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Google Chrome vulnerabilities Pale Moon vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_googlechrome web_client_palemoonver web_client_seamonkey |
||
|
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. |
VMWare ESX vulnerabilities Mozilla vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_firefox web_client_googlechrome web_client_seamonkey |
||
|
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information. |
Tivoli LDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ldaptivoliver | ||
|
IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command. |
solidDB vulnerabilities Note: Authentication is required to detect this vulnerability |
database_soliddbver | ||
|
Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. |
Tivoli Storage Manager |
misc_tivolicategory_storagever | ||
|
Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors. |
Tivoli Storage Manager |
misc_tivolicategory_storagever | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11034 | ||
|
The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11027 | ||
|
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 |
||
|
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 | ||
|
Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Active Accessibility Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_activeaccessms11075 | ||
|
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets, related to unintended stack-frame values and buffer passing, aka "WINS Service Failed Response Vulnerability." |
WINS vulnerability Note: Authentication is recommended to improve the accuracy of this check |
win_patch_ms11035 | ||
|
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11046 | ||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 | ||
|
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability." |
Microsoft Office vulnerabilities Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_groovemgtserv2010 win_patch_ie_v7 win_patch_ie_v8 win_patch_sharepointfound2010 win_patch_sharepointsvcs win_patch_sharept201011074 |
||
|
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Class Inheritance Vulnerability." |
Microsoft Silverlight vulnerabilities Microsoft NET Framework Note: Authentication is required to detect this vulnerability |
misc_silverlightmacver misc_silverlightver win_dotnet11078 |
||
|
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability." |
Microsoft Remote Desktop Web Access |
web_prog_asp_rdwebaccessloginxss | ||
|
Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory Certificate Services Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11051 | ||
|
The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetooth Stack Vulnerability." |
Bluetooth wireless vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_wireless_bluetooth11053 | ||
|
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_vmlver | ||
|
The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB Request Parsing Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_smb11048 | ||
|
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Response Parsing Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_smb11043 | ||
|
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory, which allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Memory Corruption RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office2004macver win_patch_office2008macver win_patch_ppt2002 win_patch_ppt2003 win_patch_ppt2007 win_patch_pptconv2007 |
||
|
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ppt2002 win_patch_ppt2003 |
||
|
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary code, in opportunistic circumstances by leveraging a crafted application, as demonstrated by (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework JIT Optimization Vulnerability." |
Microsoft NET Framework Note: Authentication is required to detect this vulnerability |
win_dotnet11044 | ||
|
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record structures during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Insufficient Record Validation Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excelcpack win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelcpack win_patch_excelcpack2010 win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver win_patch_office2011macver |
||
|
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excelcpack win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excelxp win_patch_office2004macver win_patch_office2008macver win_patch_office2011macver |
||
|
Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excelcpack win_patch_excelview2007 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excelxp win_patch_office2008macver |
||
|
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel WriteAV Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excelxp win_patch_office2004macver |
||
|
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excelxp win_patch_office2004macver win_patch_office2008macver |
||
|
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability." |
Microsoft SQL Server Visual Studio vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_mssql_mssql misc_vstudio11049 |
||
|
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a process, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP AllocConsole Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11056 | ||
|
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL pointer in an unspecified function call, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11056 | ||
|
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11056 | ||
|
Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutput Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11056 | ||
|
The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Windows allows local users to gain privileges via unknown vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. |
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | ||
|
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | |||
|
The JavaServer Faces (JSF) application functionality in IBM WebSphere Application Server 8.x before 8.0.0.1 does not properly handle requests, which allows remote attackers to read unspecified files via unknown vectors. |
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | ||
|
Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted REGION record in a PICT file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
The Web Services Security component in the Web Services Feature Pack before 6.1.0.41 for IBM WebSphere Application Server (WAS) 6.1 does not properly handle the enabling of WS-Security for a JAX-WS application, which has unspecified impact and attack vectors. |
WebSphere vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_webspherever | ||
|
Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x before 8.5.2 FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Notes RPC packet. |
Lotus NotesRPC vulnerability |
misc_notesrpc | ||
|
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity. |
Exim vulnerability |
mail_smtp_exim | ||
|
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack." |
WebLogic vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_weblogic | ||
|
Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. |
Legato NetWorker vulnerabilities Note: Authentication is required to detect this vulnerability |
rpc_legatocategory_version | ||
|
The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. |
PureFTPd vulnerabilities Note: Authentication is required to detect this vulnerability |
ftp_pureftpd | ||
|
The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the netqmail-1.06-tls patch for netqmail 1.06 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. |
PureFTPd vulnerabilities Note: Authentication is required to detect this vulnerability |
ftp_pureftpd | ||
|
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. |
PureFTPd vulnerabilities Note: Authentication is required to detect this vulnerability |
ftp_pureftpd | ||
|
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument. |
PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version web_tool_hpsmh |
||
|
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function. |
MacOSX vulnerabilities PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version |
||
|
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper. |
MacOSX vulnerabilities PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version |
||
|
The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment |
HP OA vulnerabilities |
misc_hponboard | ||
|
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users." |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-4250. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. |
HP Openview vulnerabilities JBoss Application Server Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver web_dev_jbossasver |
||
|
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. |
perl vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lang_perl | ||
|
Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. |
Ruby on Rails vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_rubyonrails | ||
|
The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. NOTE: some of these details are obtained from third party information. |
PureFTPd vulnerabilities Note: Authentication is required to detect this vulnerability |
ftp_pureftpd | ||
|
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Overwrite Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_officepubver win_patch_publisher2007 |
||
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to Administration. |
Oracle Glassfish Server vulnerabilities |
web_server_glassfish | ||
|
Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. |
Lotus Notes email client vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever | ||
|
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920. |
Lotus Domino HTTP vulnerability |
web_server_lotus_domino | ||
|
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs. |
VMWare ESX vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_macosx_version |
||
|
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. |
Nagios vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_tool_nagiosver | ||
|
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
HP Systems Insight Manager |
web_tool_hpsim | ||
|
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
HP Systems Insight Manager |
web_tool_hpsim | ||
|
solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value. |
solidDB vulnerabilities Note: Authentication is required to detect this vulnerability |
database_soliddbver | ||
|
Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo misc_igssscadatrav |
||
|
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated using the RMS Reports Delete command, related to the logging of messages to GSST.LOG. NOTE: some of these details are obtained from third party information. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information by using the \2f\2a and \2a\2f hex strings to surround CSS comments. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname. |
rdesktop vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_rdesktop | ||
|
The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
manager.c in the Manager Interface in Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 does not properly check for the system privilege, which allows remote authenticated users to execute arbitrary commands via an Originate action that has an Async header in conjunction with an Application header. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCth39586. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtg62855. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmsqli net_cisco_cucmver |
||
|
Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. |
Cisco IOS XR vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_iosxr | ||
|
Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures. |
SQL injection |
web_prog_sql_totaldefense | ||
|
The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service. |
CA Total Defense vulnerabilities |
web_prog_cgi_catotaldefense | ||
|
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND. |
MacOSX vulnerabilities PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version |
||
|
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php. |
NetGear WNAP210 vulnerability |
net_netgearwnap210 | ||
|
smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method. |
Postfix vulnerabilities |
mail_smtp_postfix | ||
|
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information. |
Cross site scripting |
web_prog_cgi_redminexss | ||
|
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
HP SiteScope vulnerabilities |
web_server_sitescope | ||
|
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue. |
HP SiteScope vulnerabilities |
web_server_sitescope | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file. |
EMC Data Protection Advisor vulnerabilities |
web_tool_emcdpa | ||
|
Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2) AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of service (memory consumption) by making many calls to these ioctls. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. |
MacOSX vulnerabilities Apache Subversion vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_mod_apachesvnver |
||
|
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character. |
Exim vulnerability |
mail_smtp_exim | ||
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data. |
MacOSX vulnerabilities Apache Subversion vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_mod_apachesvnver |
||
|
VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory. |
VMWare ESX vulnerabilities VMware vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_vmwareplayerver misc_vmwarewkstnver |
||
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to incorrect integer calculations during float handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The Cascading Style Sheets (CSS) implementation in Google Chrome before 12.0.742.91 does not properly restrict access to the visit history, which allows remote attackers to obtain sensitive information via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script. |
TWiki vulnerabilities |
web_prog_cgi_twikiver | ||
|
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information. |
DB2 vulnerabilities |
database_db2ver | ||
|
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information. |
DB2 vulnerabilities |
database_db2ver | ||
|
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality. |
HP Openview vulnerabilities |
net_ovsdpver | ||
|
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Memory Corruption Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11042 | ||
|
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a denial of service (system hang) via a crafted referral response, aka "DFS Referral Response Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11042 | ||
|
Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11056 | ||
|
Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_tcpipdos | ||
|
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_hypervdos1 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka "Win32k OTF Validation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11041 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference, aka "Win32k Incorrect Parameter Validation Allows Information Disclosure Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11054 | ||
|
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_forefronttmg | ||
|
Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_sharepointfound2010 win_patch_sharept201011074 |
||
|
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_sharepointfound2010 win_patch_sharepointsvcs |
||
|
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_groove11074 win_patch_groovemgtserv win_patch_groovemgtserv2010 win_patch_grooveservdb200711074 win_patch_sharepointfound2010 win_patch_sharepointsvcs win_patch_sharept200711074 win_patch_sharept201011074 |
||
|
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_sharepointfound2010 win_patch_sharept201011074 |
||
|
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted EMBED element in a web page that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11037 | ||
|
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via unspecified vectors, aka "ExcelTable Response Splitting XSS Vulnerability." |
Windows updates needed |
win_patch_forefrontuag11079 | ||
|
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "ExcelTable Reflected XSS Vulnerability." |
Windows updates needed |
win_patch_forefrontuag11079 | ||
|
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vulnerability." |
Windows updates needed |
win_patch_forefrontuag11079 | ||
|
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver | ||
|
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. |
DNS vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver misc_macosx_version |
||
|
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach. |
JasperReports Server vulnerability Note: Authentication is required to detect this vulnerability |
misc_jasperreportsrver | ||
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation. |
MacOSX vulnerabilities Apache Subversion vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_mod_apachesvnver |
||
|
The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets. |
Linux Kernel vulnerabilities Cisco FireSIGHT vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel web_prog_firesightver |
||
|
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. |
IBM HTTP Server vulnerabilities Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_ibmhttpserver web_server_apache_version web_tool_hpsmh |
||
|
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl. |
Webmin vulnerabilities |
web_tool_webminver | ||
|
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions. |
Oracle vulnerabilities VMWare ESX vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_httpserver misc_esxbuild web_tool_hpsmh |
||
|
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. |
MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
Plone vulnerabilities |
web_cms_plone | ||
|
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422. |
Plone vulnerabilities |
web_cms_plone | ||
|
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011. |
Plone vulnerabilities |
web_cms_plone | ||
|
The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_tcpipdos | ||
|
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability." |
Windows DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_ms11058 | ||
|
Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11063 | ||
|
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_rdpdos | ||
|
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution Vulnerability." |
Windows updates needed |
win_patch_forefrontuag11079 | ||
|
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability." |
Windows DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_ms11058 | ||
|
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_kern11068 | ||
|
Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_visio2003umldll win_patch_visio2007umldll win_patch_visio2010umldll |
||
|
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ndistapi | ||
|
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mdacrce11059 | ||
|
Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability." |
Visual Studio vulnerabilities |
misc_vstudiorptviewer | ||
|
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information Disclosure Vulnerability." |
Microsoft NET Framework Note: Authentication is required to detect this vulnerability |
win_dotnet11066 | ||
|
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Socket Restriction Bypass Vulnerability." |
Microsoft NET Framework Note: Authentication is required to detect this vulnerability |
win_dotnet11069 | ||
|
Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_visio2003umldll win_patch_visio2007umldll |
||
|
Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office11073 | ||
|
Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office11073 | ||
|
Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office11089 win_patch_office2011macver |
||
|
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability." |
WINS vulnerability Note: Authentication is required to detect this vulnerability |
win_patch_ms11070 | ||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11077 | ||
|
Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 | ||
|
Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelcpack win_patch_excelview2007 win_patch_office2004macver win_patch_office2007 win_patch_office2007oart win_patch_office2007oartconv win_patch_office2008macver win_patch_office2010oart win_patch_office2010oartconv win_patch_office2011macver |
||
|
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Heap Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excelcpack win_patch_excelview2007 win_patch_office2004macver win_patch_office2007 win_patch_office2007oart win_patch_office2007oartconv win_patch_office2008macver |
||
|
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability." |
Microsoft Office vulnerabilities Microsoft Office Web Apps vulnerabilities Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_excel2007 win_patch_excel2010 win_patch_excelcpack win_patch_excelview2007 win_patch_office2004macver win_patch_office2007 win_patch_office2007oart win_patch_office2007oartconv win_patch_office2008macver win_patch_office2010oart win_patch_office2010oartconv win_patch_office2011macver win_patch_officewebapps2010 win_patch_sharepoint2007 win_patch_sharepoint2010 |
||
|
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability." |
Microsoft Office vulnerabilities Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_excel2007 win_patch_excelcpack win_patch_excelview2007 win_patch_office2007oart win_patch_office2007oartconv win_patch_sharepoint2007 |
||
|
Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .rtf, or .txt file, related to (1) deskpan.dll in the Display Panning CPL Extension, (2) EAPHost Authenticator Service, (3) Folder Redirection, (4) HyperTerminal, (5) the Japanese Input Method Editor (IME), and (6) Microsoft Management Console (MMC), aka "Windows Components Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11071 | ||
|
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 | ||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 |
||
|
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 | ||
|
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v9 | ||
|
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v8 | ||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via a crafted font file, aka "Win32k TrueType Font Type Translation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11077 | ||
|
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Library File Buffer Overrun Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11077 | ||
|
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font file, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2011-3402. |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11084 | ||
|
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11080 | ||
|
Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Endless Loop DoS in snabase.exe Vulnerability." |
Microsoft Host Integration Server Note: Authentication is required to detect this vulnerability |
win_patch_hostint11082 | ||
|
Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Access of Unallocated Memory DoS Vulnerability." |
Microsoft Host Integration Server Note: Authentication is required to detect this vulnerability |
win_patch_hostint11082 | ||
|
Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mediacenter11076 | ||
|
The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka "Pinyin IME Elevation Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_imeoffice11088 | ||
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11077 | ||
|
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash." |
Windows updates needed |
win_patch_forefrontuag11079 | ||
|
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_tcpip11083 | ||
|
The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11086 win_patch_ms11086adam |
||
|
Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .eml or .wcinv file, aka "Windows Mail Insecure Library Loading Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11085 | ||
|
The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_kern11098 | ||
|
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v9 | ||
|
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message. |
SquirrelMail vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
mail_web_squirrel misc_macosx_version |
||
|
Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627. |
Cisco Network Registrar vulnerabilities |
net_cisco_registrarpw | ||
|
Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services Gateway - Second Generation (CSG2) allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets, aka Bug ID CSCtl79577. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686. |
Cisco voice products Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_cucmver net_cisco_ios |
||
|
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to cause a denial of service via unknown vectors. |
http Cold Fusion Note: Authentication is recommended to improve the accuracy of this check |
web_prog_cfm_mx | ||
|
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability." |
HP Systems Insight Manager |
web_tool_hpsim | ||
|
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability." |
HP Systems Insight Manager |
web_tool_hpsim | ||
|
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability." |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability." |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw." |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011. |
Flash vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome |
||
|
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability." |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file. |
Adobe Photoshop vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_adobe_photoshopplugin | ||
|
Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, allows attackers to cause a denial of service (memory corruption) via unspecified vectors. |
Flash Media Server vulnerabilities |
web_server_flashmedia | ||
|
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js. |
Adobe RoboHelp Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_adobe_robohelpserverwebxss | ||
|
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error." |
VMWare ESX vulnerabilities VMware vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_vmwareplayerver misc_vmwarewkstnver |
||
|
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. |
VMWare ESX vulnerabilities VMware vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_vmwareplayerver misc_vmwarewkstnver |
||
|
Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 have unknown impact and attack vectors. |
Adobe Photoshop vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_adobe_photoshopver | ||
|
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script. |
Dovecot vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_misc_dovecotver | ||
|
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script. |
Dovecot vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_misc_dovecotver | ||
|
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply. |
Cherokee vulnerabilities |
web_server_cherokee | ||
|
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. |
VMWare ESX vulnerabilities MacOSX vulnerabilities HP SMH vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_macosx_version web_tool_hpsmh |
||
|
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system. |
WebSVN vulnerabilities |
web_prog_php_websvnver | ||
|
jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05 and 5.1.0; JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0, 4.3.0.CP09, and 5.1.1; and JBoss Enterprise Web Platform 5.1.1, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1484. |
HP Openview vulnerabilities Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver | ||
|
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file. |
IBM Rational AppScan vulnerabilities MacOSX vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver misc_macosx_version web_dev_tomcatver |
||
|
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.2 does not initialize certain strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contact header. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote attackers to affect availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, and 11.2.0.1, and Oracle Fusion Middleware 10.1.3.5, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-3523. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to XMLSEQ_IMP_T. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Universal Installer component in Oracle Database Server 10.1.0.5 allows local users to affect confidentiality via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7.3, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect integrity, related to SYSDBA. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity via unknown vectors related to Authentication. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the SQL Performance Advisories/UIs component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality, integrity, and availability, related to SQL Details UI & Explain Plan. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors. |
Oracle Secure Backup vulnerabilities Note: Authentication is required to detect this vulnerability |
database_oracle_backupver | ||
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2261. |
Oracle Secure Backup vulnerabilities Note: Authentication is required to detect this vulnerability |
database_oracle_backupver | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYSDBA. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Database Target Type Menus component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2252. |
Oracle Secure Backup vulnerabilities Note: Authentication is required to detect this vulnerability |
database_oracle_backupver | ||
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors. |
MySQL vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_mysql_version | ||
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the July 2011 CPU. Oracle has not commented on claims from a reliable third party that this is a stack-based buffer overflow in the imcdr2.flt library for the CorelDRAW parser. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Unspecified vulnerability in the Oracle Text component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to CTXSYS.DRVDISP. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors related to JavaServer Pages. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security. |
WebLogic vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_weblogic | ||
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality, related to JMS. |
WebLogic vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_weblogic | ||
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality via unknown vectors related to Web Services. |
WebLogic vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_weblogic | ||
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect integrity and availability, related to SYSDBA. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives. |
HP Mercury LoadRunner vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_mercuryloadrunnerver | ||
|
Google V8, as used in Google Chrome before 12.0.742.91, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 12.0.742.112 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The HTML parser in Google Chrome before 12.0.742.112 does not properly address "lifetime and re-entrancy issues," which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer." |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release. |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. |
MacOSX vulnerabilities Apple iOS vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_mobile_iosver |
||
|
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
HP SiteScope vulnerabilities |
web_server_sitescope | ||
|
Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. |
HP SiteScope vulnerabilities |
web_server_sitescope | ||
|
Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Cross site scripting |
web_tool_hpanm | ||
|
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
Cross site scripting |
web_tool_hpanm | ||
|
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue." |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass." |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability." |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "security bypass vulnerability." |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "memory leakage condition vulnerability." |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error vulnerability." |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Shockwave vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_shockwave | ||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. |
Flash vulnerabilities Google Chrome vulnerabilities HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_flash web_client_googlechrome web_tool_hpsim |
||
|
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains. |
HP Systems Insight Manager |
web_tool_hpsim | ||
|
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the cfform tag. |
http Cold Fusion Note: Authentication is recommended to improve the accuracy of this check |
web_prog_cfm_mx | ||
|
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. |
DNS vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver misc_macosx_version |
||
|
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query. |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver | ||
|
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path. |
Sybase EAServer app server vulnerabilities |
web_server_easerver | ||
|
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability." |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary PHP code, by leveraging the ability to modify the SESSION superglobal array. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. |
VMWare ESX vulnerabilities Samba vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild win_samba |
||
|
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. |
vsftpd FTP Server vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
ftp_vsftpd ftp_vsftpdsmiley |
||
|
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI. |
http server read access |
web_server_read | ||
|
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720. |
Plone vulnerabilities Zope vulnerabilities |
web_cms_plone web_dev_zope |
||
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1, 1.6.2.x before 1.6.2.18.1, and 1.8.x before 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted frame. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669. |
Cisco ASA vulnerabilities |
net_cisco_asa500sqli | ||
|
The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681. |
Cisco ASA vulnerabilities |
net_cisco_asa500sqli | ||
|
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (service outage) via a SIP INVITE message, aka Bug ID CSCth43256. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. |
VLC vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vlc | ||
|
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Opera before 11.50 does not properly restrict data: URIs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 has unknown impact and attack vectors, related to a "moderately severe issue." |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by progorod.ru. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application hang) via unknown content on a web page, as demonstrated by domiteca.com. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (memory consumption) via unknown content on a web page, as demonstrated by test262.ecmascript.org. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to selecting a text node, and closed pop-up windows, removed pop-up windows, and IFRAME elements. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS). |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. |
OpenOffice vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_libreoffice misc_openoffice |
||
|
Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table. |
Drupal vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_cms_drupal | ||
|
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. |
HP OA vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_hponboard misc_macosx_version |
||
|
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). |
VMWare ESX vulnerabilities Samba vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild win_samba |
||
|
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. |
VMWare ESX vulnerabilities Cisco FireSIGHT vulnerabilities |
misc_esxbuild web_prog_firesightver |
||
|
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. |
OpenOffice vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_libreoffice misc_openoffice |
||
|
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. |
ClamAV vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_av_clam misc_av_clamwinupx |
||
|
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. |
Drupal vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_cms_drupal | ||
|
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. |
perl vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lang_perl | ||
|
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. |
dhcpd vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_dhcpver | ||
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. |
dhcpd vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_dhcpver | ||
|
IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not require authentication for access to LDAP Server log files, which allows remote attackers to obtain sensitive information via a crafted URL. |
Tivoli LDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ldaptivoliver | ||
|
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. |
Apache module vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_mod_perlver | ||
|
The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.215 on Windows does not properly handle vertex data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. |
VMWare ESX vulnerabilities Google Chrome vulnerabilities HP SMH vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_googlechrome web_tool_hpsmh |
||
|
Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspecified impact and attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. |
VMWare ESX vulnerabilities Google Chrome vulnerabilities HP SMH vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_googlechrome web_tool_hpsmh |
||
|
Race condition in Google Chrome before 14.0.835.163 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the certificate cache. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 on Linux does not use the PIC and PIE compiler options for position-independent code, which has unspecified impact and attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly consider the MIME type during the loading of a plug-in, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to "unusual user interaction." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The installer in Google Chrome before 14.0.835.163 on Mac OS X does not properly handle lock files, which has unspecified impact and attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The WebSockets implementation in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font." |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. |
MacOSX vulnerabilities Apple iOS vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_mobile_iosver |
||
|
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. |
CUPS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
printer_cupsversion | ||
|
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name. |
Ruby on Rails vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_rubyonrails | ||
|
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a tag with an invalid name. |
Ruby on Rails vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_rubyonrails | ||
|
Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow. |
perl vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lang_perl | ||
|
Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter. |
JBoss Enterprise Portal Platform |
web_dev_jbossportaluri | ||
|
The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted nickname that is not properly handled in a WHO response. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox | ||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox | ||
|
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior. |
Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin. |
TWiki vulnerabilities |
web_prog_cgi_twikiver | ||
|
BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors. |
ARCserve vulnerabilities |
misc_arcservecategory_d2dyi | ||
|
Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. |
Lotus Notes email client vulnerabilities Mozilla Thunderbird vulnerabilities MacOSX vulnerabilities VLC vulnerabilities Mozilla vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_notesfilever mail_client_thunderbird misc_macosx_version misc_vlc web_client_firefox web_client_googlechrome web_client_seamonkey |
||
|
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. |
MacOSX vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version web_client_googlechrome |
||
|
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Google Chrome vulnerabilities Pale Moon vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_googlechrome web_client_palemoonver web_client_seamonkey |
||
|
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_cyberfoxver web_client_firefox web_client_googlechrome web_client_waterfox |
||
|
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. |
VMWare ESX vulnerabilities iTunes vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_itunes |
||
|
Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security." |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening." |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption. |
ClearSCADA vulnerabilities |
misc_scada_clearscadaver | ||
|
Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
ClearSCADA vulnerabilities |
misc_scada_clearscadaver | ||
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208. |
HP Openview vulnerabilities |
net_ovnodemgrver | ||
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. |
HP Openview vulnerabilities |
net_ovnodemgrver | ||
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. |
HP Openview vulnerabilities |
net_ovnodemgrver | ||
|
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. |
CUPS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
printer_cupsversion | ||
|
Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. |
Novell ZENworks Configuration Management vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_novellzenconfigmgmt | ||
|
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request. |
Novell ZENworks Configuration Management vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_novellzenconfigmgmt | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier. |
Concrete vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_concrete5ver | ||
|
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header. |
Ruby on Rails vulnerabilities Note: Authentication is required to detect this vulnerability |
web_dev_rubyonrails | ||
|
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_ibmappscanver web_dev_tomcatver |
||
|
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. |
Oracle Secure Backup vulnerabilities Oracle vulnerabilities HP OA vulnerabilities MacOSX vulnerabilities IBM HTTP Server vulnerabilities Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_backupver database_oracle_ias misc_hponboard misc_macosx_version web_dev_ibmhttpserver web_server_apache_byterange web_server_apache_version web_tool_hpsmh |
||
|
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. |
Squid vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_proxy_squid | ||
|
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. |
MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. |
Cyrus imap version |
mail_imap_cyrus | ||
|
The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. |
MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. |
iTunes vulnerabilities MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version misc_quicktime |
||
|
QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-mail message. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript. |
Mozilla Thunderbird vulnerabilities iTunes vulnerabilities Mozilla vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
mail_client_thunderbird misc_itunes web_client_firefox web_client_safari web_client_seamonkey |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_safari |
||
|
The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize the Always value of the Block Cookies setting, which makes it easier for remote web servers to track users via a cookie. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
iTunes vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes | ||
|
CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file. |
QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_quicktime | ||
|
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream. |
iTunes vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes misc_macosx_version |
||
|
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. |
FreeType vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lib_freetype misc_macosx_version |
||
|
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. |
MacOSX vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_prog_php_version web_tool_hpsmh |
||
|
Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cisco 10000 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of crafted ICMP packets, aka Bug ID CSCtk62453. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a denial of service (memory corruption and device reload) via malformed IP SLA packets, aka Bug ID CSCtk67073. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCti48483. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Control and Inspection configurations, allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTP packet, aka Bug ID CSCto68554. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device reload) via an ICMPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCtj30155. |
Cisco vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_ios | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacscto40365 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92380 and CSCtq09972. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacscto92380 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06065 and CSCtq09978. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacscto92380 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06062 and CSCtq09986. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacscto92380 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92398 and CSCtq09989. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacscto92380 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctq57697 | ||
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device reload) via crafted MSN Instant Messenger traffic, aka Bug ID CSCtl67486. |
Cisco ASA vulnerabilities Note: A valid SNMP read community string is required to detect this vulnerability |
net_cisco_asacsctl67486 | ||
|
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. |
Cisco WebEx Player vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ciscosa20111026 | ||
|
The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. |
Zebra Quagga Routing Suite Note: Authentication is recommended to improve the accuracy of this check |
net_quagga | ||
|
The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message. |
Zebra Quagga Routing Suite Note: Authentication is recommended to improve the accuracy of this check |
net_quagga | ||
|
ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet. |
Zebra Quagga Routing Suite Note: Authentication is recommended to improve the accuracy of this check |
net_quagga | ||
|
The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message. |
Zebra Quagga Routing Suite Note: Authentication is recommended to improve the accuracy of this check |
net_quagga | ||
|
Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4. |
Zebra Quagga Routing Suite Note: Authentication is recommended to improve the accuracy of this check |
net_quagga | ||
|
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the URI. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. |
MacOSX vulnerabilities IBM HTTP Server vulnerabilities Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_macosx_version web_dev_ibmhttpserver web_server_apache_version web_tool_hpsmh |
||
|
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. |
Oracle vulnerabilities MacOSX vulnerabilities HP Openview vulnerabilities IBM HTTP Server vulnerabilities Apache module vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias misc_macosx_version net_ovnodemgrver web_dev_ibmhttpserver web_mod_proxyver web_tool_hpsmh |
||
|
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command. |
Cyrus imap version |
mail_imap_cyrus | ||
|
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data. |
VMWare ESX vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild web_dev_tomcatver |
||
|
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality. |
Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_tomcatver | ||
|
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site, instead of the insecure site. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. |
Oracle Database vulnerabilities VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities MacOSX vulnerabilities Novell Access Manager vulnerabilities Browser Exploit against SSL TLS Asterisk vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Opera vulnerabilities Lotus Domino HTTP vulnerability Sun Java System Web Server vulnerabilities HP SMH vulnerabilities Windows updates needed Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version misc_esxbuild misc_ibmappscanver misc_macosx_version misc_novellaccessmanager misc_tls_beast net_asteriskver net_ovnodemgriver web_client_jre web_client_opera9 web_dev_jdk web_server_lotus_domino web_server_sjswsver web_tool_hpsmh win_patch_ssl |
||
|
Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers to inject arbitrary web script or HTML via the real_name parameter. |
Phorum vulnerabilities |
web_prog_php_phorumver | ||
|
Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ppt2007 win_patch_ppt2010 |
||
|
The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code Execution Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms11090 | ||
|
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_olems11093 | ||
|
ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_mediams11092 | ||
|
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability." |
Microsoft Silverlight vulnerabilities Windows updates needed Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_silverlightmacver misc_silverlightver win_patch_ms11087 win_patch_ms12039lync win_patch_office2003ogl win_patch_office2007ogl win_patch_office2010ogl |
||
|
Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_excel2003 win_patch_office2004macver |
||
|
Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." |
Internet Explorer vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_ie_v6 win_patch_ie_v7 win_patch_ie_v8 win_patch_ie_v9 |
||
|
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote authenticated users to execute arbitrary code via a crafted query that leverages incorrect memory initialization, aka "Active Directory Buffer Overflow Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_activedir11095 win_patch_adam11095 |
||
|
Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Local Privilege Elevation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_csrss11097 | ||
|
Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_officepubver win_patch_publisher2007 |
||
|
Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_officepubver | ||
|
Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_officepubver win_patch_publisher2007 |
||
|
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability." |
Microsoft Office vulnerabilities Note: Authentication is required to detect this vulnerability |
win_patch_office2008macver win_patch_ppt2007 win_patch_pptconv2007 win_patch_pptview2007 |
||
|
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka "Collisions in HashTable May Cause DoS Vulnerability." |
Microsoft NET Framework Note: Authentication is recommended to improve the accuracy of this check |
win_dotnet11100 | ||
|
Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in .NET Form Authentication Vulnerability." |
Microsoft NET Framework Note: Authentication is recommended to improve the accuracy of this check |
win_dotnet11100 | ||
|
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability." |
Microsoft NET Framework Note: Authentication is recommended to improve the accuracy of this check |
win_dotnet11100 | ||
|
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, aka "ASP.NET Forms Authentication Ticket Caching Vulnerability." |
Microsoft NET Framework Note: Authentication is recommended to improve the accuracy of this check |
win_dotnet11100 | ||
|
The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated by https access with Safari. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before 5 allows remote web servers to inject arbitrary web script or HTML via a file accompanied by a "Content-Disposition: attachment" HTTP header. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. |
FreeType vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_lib_freetype | ||
|
libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted program. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. |
MacOSX vulnerabilities QuickTime vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version misc_quicktime |
||
|
Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631. |
pcAnywhere vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_pcanywherefilever misc_pcanywherever |
||
|
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file. |
pcAnywhere vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_pcanywherefilever misc_pcanywherever |
||
|
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command. |
ScadaPro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_scada_scadaprover | ||
|
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. |
eSignal vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esignalver | ||
|
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command. |
ScadaPro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_scada_scadaprover | ||
|
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. |
ScadaPro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_scada_scadaprover | ||
|
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method. |
ScadaPro vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_scada_scadaprover | ||
|
Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
eSignal vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esignalver | ||
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. |
Oracle Database vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_version | ||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-2237. |
Oracle vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias | ||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to Deployment. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_javafx web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, and 7 allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity and availability via unknown vectors. |
VMWare ESX vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot. |
VMWare ESX vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability HP Systems Insight Manager Note: Authentication is required to detect this vulnerability |
misc_esxbuild net_ovnodemgriver web_client_jre web_dev_jdk web_tool_hpsim |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_javafx web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound. |
VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk |
||
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote attackers to affect availability via unknown vectors related to Web Container. |
WebLogic vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_weblogic | ||
|
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference. |
IceWarp vulnerabilities |
mail_web_icewarp | ||
|
IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function. |
IceWarp vulnerabilities |
mail_web_icewarp | ||
|
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. |
Samba vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
win_samba | ||
|
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules. |
Plone vulnerabilities Zope vulnerabilities |
web_cms_plone web_dev_zope |
||
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php. |
phpPgAdmin vulnerabilities |
web_prog_php_pgadminwebver | ||
|
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DOM environment modification and arbitrary HTML or web script execution. |
JBoss Application Server |
web_dev_jbossasxss | ||
|
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. |
Oracle vulnerabilities MacOSX vulnerabilities HP Openview vulnerabilities IBM HTTP Server vulnerabilities Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_httpserver misc_macosx_version net_ovnodemgrver web_dev_ibmhttpserver web_server_apache_version web_tool_hpsmh |
||
|
A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker. |
JBoss Application Server |
web_dev_jbossasxss | ||
|
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. |
ClamAV vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_av_clam misc_av_clamwinupx |
||
|
fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. |
IBM HTTP Server vulnerabilities Apache module vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_dev_ibmhttpserver web_mod_proxyver web_tool_hpsmh |
||
|
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug." |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin. |
TYPO3 vulnerabilities |
web_prog_php_typo3ver | ||
|
The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE: this issue exists because of a CVE-2011-2986 regression. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) tabular report, (2) graphical report, or (3) new chart. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox web_client_seamonkey |
||
|
Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that upload attachments. |
Bugzilla vulnerabilities |
web_prog_cgi_bugzilla | ||
|
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. |
Mozilla Thunderbird vulnerabilities Mozilla vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_client_thunderbird web_client_firefox |
||
|
WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted date-time string in a .ics attachment. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow. |
Winamp vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_winampver | ||
|
Apple Safari 5.0.5 does not properly implement the setInterval function, which allows remote attackers to spoof the address bar via a crafted web page. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in with a blocking function is installed, allows user-assisted remote attackers to execute arbitrary code via a crafted web page that is accessed during user interaction with the plug-in, leading to improper coordination between an API call and the plug-in unloading functionality, as demonstrated by the Adobe Flash and RealPlayer plug-ins. |
Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_safari | ||
|
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. |
VMware vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_vmware_fusion misc_vmwareplayerver misc_vmwarewkstnver |
||
|
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly handle drag and drop operations on URL strings, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly handle downloading files that have whitespace characters at the end of a filename, which has unspecified impact and user-assisted remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Cross-site scripting (XSS) vulnerability in the appcache internals page in Google Chrome before 15.0.874.102 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
VMWare ESX vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_googlechrome |
||
|
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
VMWare ESX vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild web_client_googlechrome |
||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. |
Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome web_client_safari |
||
|
Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that trigger the aborting of an IndexedDB transaction. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
VMWare ESX vulnerabilities libxslt vulnerabilities Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_lib_libxslt web_client_googlechrome |
||
|
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. |
iTunes vulnerabilities Google Chrome vulnerabilities Safari vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_itunes web_client_googlechrome web_client_safari |
||
|
The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. |
Cisco WebEx Player vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ciscosa20111026 | ||
|
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists. |
X11 vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_x11 | ||
|
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file. |
X11 vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_x11 | ||
|
Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter. |
Cross site scripting |
web_prog_cgi_casiteminderxss | ||
|
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. |
DB2 vulnerabilities |
database_db2ver | ||
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command. |
phpLDAPadmin vulnerabilities |
web_prog_php_phpldapadminver | ||
|
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011. |
phpLDAPadmin vulnerabilities |
web_prog_php_phpldapadminver | ||
|
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. |
OpenLDAP vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_openldap | ||
|
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. |
Squid vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_proxy_squid | ||
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. |
Ethereal vulnerabilities Note: Authentication is required to detect this vulnerability |
net_wireshark | ||
|
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. |
VMWare ESX vulnerabilities HP OA vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_hponboard misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. |
VMWare ESX vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_macosx_version misc_openssl |
||
|
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key." |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer. |
ProFTPD vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
ftp_proftp | ||
|
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words. |
Linux Kernel vulnerabilities Cisco FireSIGHT vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel web_prog_firesightver |
||
|
The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value." |
VMWare ESX vulnerabilities Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_linuxkernel |
||
|
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different vulnerability than CVE-2011-1528. |
Kerberos detected Note: Authentication is required to detect this vulnerability |
misc_kerberospkg | ||
|
PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c. |
HP SMH vulnerabilities |
web_tool_hpsmh | ||
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156. |
HP Openview vulnerabilities Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver | ||
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155. |
HP Openview vulnerabilities Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver | ||
|
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data. |
HP Managed Printing Administration vulnerabilities |
misc_hpmpa | ||
|
Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp. |
HP Managed Printing Administration vulnerabilities |
misc_hpmpa | ||
|
Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data. |
HP Managed Printing Administration vulnerabilities |
misc_hpmpa | ||
|
Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. |
HP Managed Printing Administration vulnerabilities |
misc_hpmpa | ||
|
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. |
Novell Print Services vulnerabilities Note: Authentication is required to detect this vulnerability |
printer_novelliprtax | ||
|
Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. |
Novell iManager vulnerabilities Note: Authentication is required to detect this vulnerability |
web_server_novell_imanagerver | ||
|
The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file. |
Novell GroupWise vulnerabilities |
mail_smtp_groupwise | ||
|
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key. |
pfSense vulnerabilities |
net_pfsense | ||
|
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070. |
Cisco Unified MeetingPlace vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_tool_ciscompwebver | ||
|
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer misc_realplayercategory_macver |
||
|
The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file. |
RealPlayer vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_realplayer | ||
|
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. |
DNS vulnerabilities MacOSX vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
dns_bindver misc_macosx_version |
||
|
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. |
nginx HTTP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_server_nginx | ||
|
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. |
Oracle vulnerabilities MacOSX vulnerabilities HP Openview vulnerabilities IBM HTTP Server vulnerabilities Apache module vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias misc_macosx_version net_ovnodemgrver web_dev_ibmhttpserver web_mod_proxyver web_tool_hpsmh |
||
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname. |
Dovecot vulnerabilities Note: Authentication is required to detect this vulnerability |
mail_misc_dovecotver | ||
|
The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HFS image with a crafted len field. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page. |
Red Hat Network Satellite Server vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_redhatsatellitever | ||
|
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF. |
Oracle Glassfish Server vulnerabilities |
web_server_glassfishver | ||
|
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter. |
MediaWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_mediawiki | ||
|
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. |
Lighttpd vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_server_lighttpd_version | ||
|
Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
http Cold Fusion Note: Authentication is recommended to improve the accuracy of this check |
web_prog_cfm_mx | ||
|
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. |
Adobe Acrobat vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_acrobat misc_acroread |
||
|
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607. |
Apache vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_server_apache_version web_tool_hpsmh |
||
|
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
Jetty vulnerabilities |
web_dev_jetty | ||
|
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
Plone vulnerabilities |
web_cms_plone | ||
|
Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538. |
Cisco voice products Note: Authentication is required to detect this vulnerability |
net_cisco_cucmver | ||
|
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file. |
Ghostscript vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ghostscriptver | ||
|
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file. |
Ghostscript vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_ghostscriptver | ||
|
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. |
unbound vulnerabilities |
dns_unbound | ||
|
Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a crafted packet to TCP port (1) 12397 or (2) 12399. |
IGSS SCADA vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_igssscadabo | ||
|
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. |
dhcpd vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_dhcpver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote attackers to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php. |
Cross site scripting |
web_prog_php_atmailopenxss | ||
|
Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters. |
TikiWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_tikiwikiver | ||
|
Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters. |
TikiWiki vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_tikiwikiver | ||
|
Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php. NOTE: some of these details are obtained from third party information. |
Phorum vulnerabilities |
web_prog_php_phorumver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to include/formdhtmltextarea_preview.php or (2) img BBCODE tag within the message parameter to pmlite.php (aka Private Message). NOTE: some of these details are obtained from third party information. |
Cross site scripting |
web_prog_php_xoopspostxss | ||
|
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. |
VMWare ESX vulnerabilities HP OA vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_hponboard misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. |
VMWare ESX vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests. |
Asterisk vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_asteriskver | ||
|
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization. |
MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_macosx_version | ||
|
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors. |
HP Openview vulnerabilities Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver | ||
|
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. |
VMWare ESX vulnerabilities HP OA vulnerabilities MacOSX vulnerabilities OpenSSL vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_esxbuild misc_hponboard misc_macosx_version misc_openssl web_tool_hpsmh |
||
|
The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name, related to the Database rename panel; (3) a crafted SQL query, related to the table overview panel; (4) a crafted SQL query, related to the view creation dialog; (5) a crafted column type, related to the table search dialog; or (6) a crafted column type, related to the create index dialog. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as demonstrated by the .no or .uk domain. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue." |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. |
Opera vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_opera9 | ||
|
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. |
PHP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_version | ||
|
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. |
TFTP file access |
ftp_tftptrav | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter. |
phpMyAdmin vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_myadminver | ||
|
Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors. |
Cross site scripting |
web_tool_hpanm | ||
|
Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. |
Serv U vulnerabilities |
ftp_servu | ||
|
Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter. |
SAP Crystal Reports vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_crystalreportsserver | ||
|
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter. |
Cacti vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_cacti | ||
|
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
HP Openview vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
net_ovnodemgrver web_dev_tomcatver |
||
|
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. |
VMWare ESX vulnerabilities Kerberos detected FreeBSD telnetd vulnerability Heimdal telnetd vulnerability Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_kerberospkg shell_telnet_freebsd shell_telnet_heimdal |
||
|
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528. |
unbound vulnerabilities |
dns_unbound | ||
|
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
Oracle Secure Backup vulnerabilities PHP vulnerabilities HP SMH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_backupver web_prog_php_version web_tool_hpsmh |
||
|
The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery. |
solidDB vulnerabilities Note: Authentication is required to detect this vulnerability |
database_soliddbver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, and other versions before 1.0.0, allow remote attackers to inject arbitrary web script or HTML via the URL to (1) e107_images/thumb.php or (2) rate.php, (3) resend_name parameter to e107_admin/users.php, and (4) link BBCode in user signatures. |
Cross site scripting |
web_prog_php_e107xssrate | ||
|
The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat room. |
Gaim vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_gaim | ||
|
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding. |
VMWare ESX vulnerabilities |
misc_esxbuild | ||
|
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file. |
VMWare ESX vulnerabilities MacOSX vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_esxbuild misc_macosx_version |
||
|
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request. |
nginx HTTP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_server_nginx | ||
|
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) |
nginx HTTP vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_server_nginx | ||
|
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. |
jQuery vulnerabilities Jenkins vulnerabilities HP SMH vulnerabilities |
web_lib_jquery web_prog_jsp_jenkinsver web_tool_hpsmh |
||
|
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant. |
OpenSSH vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
shell_ssh_openssh | ||
|
Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101. |
Trend Micro vulnerabilities |
misc_av_trendmicro_cmver | ||
|
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. |
Oracle vulnerabilities VMWare ESX vulnerabilities IBM Rational AppScan vulnerabilities HP Openview vulnerabilities Java Plugin vulnerability WebLogic vulnerabilities Sun Java System Web Server vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
database_oracle_ias misc_esxbuild misc_ibmappscanver net_ovnodemgriver web_client_jre web_dev_jdk web_dev_weblogic web_server_sjswsver |
||
|
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted data, as demonstrated by a large height attribute of an IFRAME element rendered by Safari, aka "GDI Access Violation Vulnerability." |
Windows updates needed Note: Authentication is required to detect this vulnerability |
win_patch_ms12008 | ||
|
Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter. |
pfSense vulnerabilities |
net_pfsense | ||
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184. |
IBM Rational AppScan vulnerabilities Apache Tomcat vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
misc_ibmappscanver web_dev_tomcatver |
||
|
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter. |
MyBB vulnerabilities |
web_prog_php_mybb | ||
|
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX." |
MyBB vulnerabilities |
web_prog_php_mybb | ||
|
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list." |
MyBB vulnerabilities |
web_prog_php_mybb | ||
|
Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence. |
Citect SCADA Vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_scada_citectscadaver | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter. |
Infoblox NetMRI vulnerabilities |
misc_infobloxnetmrixss | ||
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156. |
HP Openview vulnerabilities Note: Authentication is required to detect this vulnerability |
net_ovnodemgriver | ||
|
Cross-site scripting (XSS) vulnerability in the getLog function in svnlook.php in WebSVN before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the path parameter to (1) comp.php, (2) diff.php, or (3) revision.php. |
WebSVN vulnerabilities |
web_prog_php_websvnver | ||
|
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. |
IrfanView vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_irfanviewver | ||
|
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. |
mnoGoSearch vulnerabilities |
web_prog_cgi_mnogosearchver | ||
|
Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter in a lostpw action. |
vBulletin vulnerabilities |
web_prog_php_vbulletin | ||
|
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role. |
WordPress vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
web_prog_php_wordpress | ||
|
content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site that listens for ondevicemotion events, a different vulnerability than CVE-2015-1231. |
Google Chrome vulnerabilities Note: Authentication is required to detect this vulnerability |
web_client_googlechrome | ||
|
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory. |
Linux Kernel vulnerabilities Note: Authentication is required to detect this vulnerability |
misc_linuxkernel |
: A dangerous check is available for this vulnerability.