Max CVSS 10.0 Min CVSS 1.2 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2010-3282 1.9
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-root
09-01-2020 - 21:32 09-01-2020 - 21:15
CVE-2010-3493 4.3
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept f
25-10-2019 - 11:53 19-10-2010 - 20:00
CVE-2005-0758 4.6
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
16-10-2019 - 20:01 13-05-2005 - 04:00
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
09-10-2019 - 22:55 08-07-2008 - 23:41
CVE-2006-4226 3.6
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have pe
07-10-2019 - 16:42 18-08-2006 - 20:04
CVE-2006-3081 4.0
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
07-10-2019 - 16:42 19-06-2006 - 18:02
CVE-2006-1517 5.0
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error m
07-10-2019 - 16:42 05-05-2006 - 12:46
CVE-2006-1516 5.0
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
07-10-2019 - 16:42 05-05-2006 - 12:46
CVE-2005-1636 4.6
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
07-10-2019 - 16:42 17-05-2005 - 04:00
CVE-2005-0711 2.1
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
07-10-2019 - 16:42 02-05-2005 - 04:00
CVE-2005-0710 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is pr
07-10-2019 - 16:42 02-05-2005 - 04:00
CVE-2005-0709 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
07-10-2019 - 16:42 02-05-2005 - 04:00
CVE-2003-0150 9.0
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by mod
07-10-2019 - 16:41 24-03-2003 - 05:00
CVE-2003-0073 5.0
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
07-10-2019 - 16:41 19-02-2003 - 05:00
CVE-2010-1029 5.0
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap
26-09-2019 - 17:05 19-03-2010 - 21:30
CVE-2013-2461 7.5
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and
18-07-2019 - 12:27 18-06-2013 - 22:55
CVE-2012-2531 2.1
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
03-07-2019 - 17:25 14-11-2012 - 00:55
CVE-2010-3972 10.0
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a den
03-07-2019 - 17:25 23-12-2010 - 18:00
CVE-2010-2731 6.8
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted
03-07-2019 - 17:25 15-09-2010 - 19:00
CVE-2009-3555 5.8
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
03-07-2019 - 17:25 09-11-2009 - 17:30
CVE-2009-3023 9.3
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption,
03-07-2019 - 17:25 31-08-2009 - 20:30
CVE-2009-1535 7.6
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary
03-07-2019 - 17:25 10-06-2009 - 14:30
CVE-2008-0074 7.2
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
03-07-2019 - 17:25 12-02-2008 - 21:00
CVE-2013-3918 9.3
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold
14-05-2019 - 14:24 12-11-2013 - 14:35
CVE-2010-0478 9.3
Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Med
30-04-2019 - 14:27 14-04-2010 - 16:00
CVE-2009-1139 7.8
Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (m
30-04-2019 - 14:27 10-06-2009 - 18:00
CVE-2008-4609 7.1
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vect
30-04-2019 - 14:27 20-10-2008 - 17:59
CVE-2006-2379 9.3
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
30-04-2019 - 14:27 13-06-2006 - 19:06
CVE-2005-1218 5.0
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
30-04-2019 - 14:27 10-08-2005 - 04:00
CVE-2005-1214 5.1
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.
30-04-2019 - 14:27 14-06-2005 - 04:00
CVE-2005-0061 7.2
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2005-0060 7.2
Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2005-0057 7.5
The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2005-0048 7.5
Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Valid
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2005-0045 7.5
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2)
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2004-1319 5.0
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the par
30-04-2019 - 14:27 15-12-2004 - 05:00
CVE-2004-1080 10.0
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS re
30-04-2019 - 14:27 10-01-2005 - 05:00
CVE-2004-0901 10.0
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site,
30-04-2019 - 14:27 10-01-2005 - 05:00
CVE-2004-0893 7.2
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges,
30-04-2019 - 14:27 10-01-2005 - 05:00
CVE-2004-0574 10.0
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, poss
30-04-2019 - 14:27 03-11-2004 - 05:00
CVE-2004-0571 10.0
Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability
30-04-2019 - 14:27 10-01-2005 - 05:00
CVE-2004-0568 10.0
HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious
30-04-2019 - 14:27 10-01-2005 - 05:00
CVE-2004-0212 10.0
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Interne
30-04-2019 - 14:27 06-08-2004 - 04:00
CVE-2003-0825 9.3
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute
30-04-2019 - 14:27 03-03-2004 - 05:00
CVE-2003-0824 5.0
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain
30-04-2019 - 14:27 15-12-2003 - 05:00
CVE-2003-0822 7.5
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
30-04-2019 - 14:27 15-12-2003 - 05:00
CVE-2003-0818 7.5
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encod
30-04-2019 - 14:27 03-03-2004 - 05:00
CVE-2003-0662 9.3
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
30-04-2019 - 14:27 17-11-2003 - 05:00
CVE-2003-0660 7.5
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user appr
30-04-2019 - 14:27 17-11-2003 - 05:00
CVE-2003-0659 7.2
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
30-04-2019 - 14:27 17-11-2003 - 05:00
CVE-2003-0345 7.5
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
30-04-2019 - 14:27 18-08-2003 - 04:00
CVE-2003-0111 7.5
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Fla
30-04-2019 - 14:27 05-05-2003 - 04:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
30-04-2019 - 14:27 17-01-2003 - 05:00
CVE-2002-1258 5.0
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in
30-04-2019 - 14:27 23-12-2002 - 05:00
CVE-2002-0863 5.0
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka
30-04-2019 - 14:27 11-10-2002 - 04:00
CVE-2002-0151 7.2
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
30-04-2019 - 14:27 04-04-2002 - 05:00
CVE-2002-0055 5.0
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
30-04-2019 - 14:27 08-03-2002 - 05:00
CVE-2006-2373 10.0
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEIT
26-03-2019 - 19:17 13-06-2006 - 19:06
CVE-2011-2729 5.0
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows re
25-03-2019 - 11:33 15-08-2011 - 21:55
CVE-2011-2204 1.9
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive inf
25-03-2019 - 11:33 29-06-2011 - 17:55
CVE-2011-0013 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the displ
25-03-2019 - 11:33 19-02-2011 - 01:00
CVE-2010-1157 2.6
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the re
25-03-2019 - 11:32 23-04-2010 - 14:30
CVE-2009-2902 4.3
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
25-03-2019 - 11:31 28-01-2010 - 20:30
CVE-2009-2693 5.8
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat
25-03-2019 - 11:30 28-01-2010 - 20:30
CVE-2008-2370 5.0
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
25-03-2019 - 11:30 04-08-2008 - 01:41
CVE-2008-1947 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
25-03-2019 - 11:30 04-06-2008 - 19:32
CVE-2008-1232 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
25-03-2019 - 11:30 04-08-2008 - 01:41
CVE-2009-3609 4.3
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via
06-03-2019 - 16:30 21-10-2009 - 17:30
CVE-2009-3606 9.3
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overf
06-03-2019 - 16:30 21-10-2009 - 17:30
CVE-2013-3200 7.2
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate a
26-02-2019 - 14:04 09-10-2013 - 14:53
CVE-2013-3129 9.3
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
26-02-2019 - 14:04 10-07-2013 - 03:46
CVE-2013-1294 4.9
Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain p
26-02-2019 - 14:04 09-04-2013 - 22:55
CVE-2013-1287 7.2
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory,
26-02-2019 - 14:04 13-03-2013 - 00:55
CVE-2013-1286 7.2
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory,
26-02-2019 - 14:04 13-03-2013 - 00:55
CVE-2013-1285 7.2
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory,
26-02-2019 - 14:04 13-03-2013 - 00:55
CVE-2013-0029 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
26-02-2019 - 14:04 13-02-2013 - 12:04
CVE-2013-0024 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
26-02-2019 - 14:04 13-02-2013 - 12:04
CVE-2013-0019 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
26-02-2019 - 14:04 13-02-2013 - 12:04
CVE-2013-0001 4.3
The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via (1) a crafted XAML bro
26-02-2019 - 14:04 09-01-2013 - 18:09
CVE-2012-2556 9.3
The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT
26-02-2019 - 14:04 12-12-2012 - 00:55
CVE-2012-2519 7.9
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated
26-02-2019 - 14:04 14-11-2012 - 00:55
CVE-2012-1896 5.0
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafte
26-02-2019 - 14:04 14-11-2012 - 00:55
CVE-2012-1895 9.3
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XB
26-02-2019 - 14:04 14-11-2012 - 00:55
CVE-2012-1528 9.3
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileg
26-02-2019 - 14:04 14-11-2012 - 00:55
CVE-2012-1527 9.3
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privile
26-02-2019 - 14:04 14-11-2012 - 00:55
CVE-2012-0149 7.2
afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elev
26-02-2019 - 14:04 14-02-2012 - 22:55
CVE-2012-0015 9.3
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
26-02-2019 - 14:04 14-02-2012 - 22:55
CVE-2012-0014 9.3
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
26-02-2019 - 14:04 14-02-2012 - 22:55
CVE-2012-0011 9.3
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
26-02-2019 - 14:04 14-02-2012 - 22:55
CVE-2012-0004 9.3
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code
26-02-2019 - 14:04 10-01-2012 - 21:55
CVE-2011-3406 9.0
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, a
26-02-2019 - 14:04 14-12-2011 - 00:55
CVE-2011-3402 9.3
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP
26-02-2019 - 14:04 04-11-2011 - 21:55
CVE-2011-2005 7.2
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary F
26-02-2019 - 14:04 12-10-2011 - 02:52
CVE-2011-1999 9.3
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
26-02-2019 - 14:04 12-10-2011 - 02:52
CVE-2011-1996 9.3
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
26-02-2019 - 14:04 12-10-2011 - 02:52
CVE-2011-1992 4.3
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
26-02-2019 - 14:04 14-12-2011 - 00:55
CVE-2011-1991 9.3
Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan hors
26-02-2019 - 14:04 15-09-2011 - 12:26
CVE-2011-1978 4.3
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser a
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1977 4.3
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HT
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1974 7.2
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1968 7.1
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP p
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1964 9.3
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1963 9.3
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1961 9.3
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1960 4.3
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1257 7.6
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
26-02-2019 - 14:04 10-08-2011 - 21:55
CVE-2011-1249 7.2
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode inp
26-02-2019 - 14:04 16-06-2011 - 20:55
CVE-2011-1248 9.3
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted
26-02-2019 - 14:04 13-05-2011 - 17:05
CVE-2011-1245 4.3
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Informati
26-02-2019 - 14:04 13-04-2011 - 18:55
CVE-2011-0676 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a craft
26-02-2019 - 14:04 13-04-2011 - 20:26
CVE-2011-0663 9.3
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
26-02-2019 - 14:04 13-04-2011 - 18:55
CVE-2011-0661 10.0
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows
26-02-2019 - 14:04 13-04-2011 - 18:55
CVE-2011-0033 9.3
The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts,
26-02-2019 - 14:04 10-02-2011 - 16:00
CVE-2011-0026 9.3
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long s
26-02-2019 - 14:04 12-01-2011 - 01:00
CVE-2010-3965 9.3
Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL
26-02-2019 - 14:04 16-12-2010 - 19:33
CVE-2010-3963 7.2
Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, related to the Routing and Remote Access service
26-02-2019 - 14:04 16-12-2010 - 19:33
CVE-2010-3958 9.3
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted A
26-02-2019 - 14:04 13-04-2011 - 18:55
CVE-2010-3147 9.3
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to
26-02-2019 - 14:04 27-08-2010 - 19:00
CVE-2010-2550 10.0
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute
26-02-2019 - 14:04 11-08-2010 - 18:47
CVE-2010-1896 7.2
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode, which allows l
26-02-2019 - 14:04 11-08-2010 - 18:47
CVE-2010-1885 9.3
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist
26-02-2019 - 14:04 15-06-2010 - 14:04
CVE-2010-0820 9.0
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP S
26-02-2019 - 14:04 15-09-2010 - 19:00
CVE-2010-0016 9.3
The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted respo
26-02-2019 - 14:04 10-02-2010 - 18:30
CVE-2009-2531 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-2530 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-2529 9.3
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnera
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-2509 9.0
Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request
26-02-2019 - 14:04 09-12-2009 - 18:30
CVE-2009-2508 6.9
The single sign-on implementation in Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly remove credentials at the end of a network session, which allows physically proximate
26-02-2019 - 14:04 09-12-2009 - 18:30
CVE-2009-2494 10.0
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operation
26-02-2019 - 14:04 12-08-2009 - 17:30
CVE-2009-1926 7.8
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small o
26-02-2019 - 14:04 08-09-2009 - 22:30
CVE-2009-1925 10.0
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and th
26-02-2019 - 14:04 08-09-2009 - 22:30
CVE-2009-1919 9.3
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
26-02-2019 - 14:04 29-07-2009 - 17:30
CVE-2009-1918 10.0
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
26-02-2019 - 14:04 29-07-2009 - 17:30
CVE-2009-1917 9.3
Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly h
26-02-2019 - 14:04 29-07-2009 - 17:30
CVE-2009-1547 9.3
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-1531 9.3
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combi
26-02-2019 - 14:04 10-06-2009 - 18:30
CVE-2009-1530 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML doc
26-02-2019 - 14:04 10-06-2009 - 18:30
CVE-2009-1529 9.3
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling
26-02-2019 - 14:04 10-06-2009 - 18:30
CVE-2009-1528 9.3
Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitr
26-02-2019 - 14:04 10-06-2009 - 18:30
CVE-2009-1140 7.1
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers t
26-02-2019 - 14:04 10-06-2009 - 18:30
CVE-2009-0091 9.3
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a craf
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2008-4834 10.0
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Tra
26-02-2019 - 14:04 14-01-2009 - 22:30
CVE-2008-4114 7.1
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact vi
26-02-2019 - 14:04 16-09-2008 - 23:00
CVE-2008-3477 9.3
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel fil
26-02-2019 - 14:04 15-10-2008 - 00:12
CVE-2011-3866 4.3
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab.
29-11-2018 - 16:02 29-09-2011 - 00:55
CVE-2011-3003 10.0
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting
29-11-2018 - 16:02 29-09-2011 - 00:55
CVE-2011-3002 9.3
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application
29-11-2018 - 16:02 29-09-2011 - 00:55
CVE-2010-3405 6.8
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
28-11-2018 - 17:13 16-09-2010 - 21:00
CVE-2010-0159 10.0
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute
16-11-2018 - 15:56 22-02-2010 - 13:00
CVE-2009-3002 4.9
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to th
16-11-2018 - 15:43 28-08-2009 - 15:30
CVE-2009-0143 4.3
Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.
08-11-2018 - 20:21 14-03-2009 - 18:30
CVE-2008-2712 9.3
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3)
01-11-2018 - 15:07 16-06-2008 - 21:41
CVE-2010-0017 9.3
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, an
30-10-2018 - 16:28 10-02-2010 - 18:30
CVE-2012-5144 10.0
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impa
30-10-2018 - 16:27 12-12-2012 - 11:38
CVE-2012-2888 7.5
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2887 7.5
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2886 4.3
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2885 7.5
Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2883 7.5
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2882 6.8
FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2881 7.5
Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2880 7.5
Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2879 4.3
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2878 7.5
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2877 5.0
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2876 7.5
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2874 7.5
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883
30-10-2018 - 16:27 26-09-2012 - 10:56
CVE-2012-2872 4.3
Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2012-2869 7.5
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2012-2868 6.8
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) obj
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2012-2867 5.0
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2012-2866 7.5
Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2012-2865 4.3
Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
30-10-2018 - 16:27 31-08-2012 - 19:55
CVE-2011-3404 4.3
Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web
30-10-2018 - 16:27 14-12-2011 - 00:55
CVE-2011-3401 9.3
ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memo
30-10-2018 - 16:27 14-12-2011 - 00:55
CVE-2011-1998 9.3
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
30-10-2018 - 16:27 12-10-2011 - 02:52
CVE-2011-1267 7.8
The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB
30-10-2018 - 16:27 16-06-2011 - 20:55
CVE-2011-0091 6.4
Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES
30-10-2018 - 16:27 10-02-2011 - 16:00
CVE-2011-0042 9.3
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack fo
30-10-2018 - 16:27 09-03-2011 - 23:00
CVE-2011-0032 9.3
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan
30-10-2018 - 16:27 09-03-2011 - 23:00
CVE-2010-2555 6.8
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a de
30-10-2018 - 16:27 11-08-2010 - 18:47
CVE-2010-2554 6.8
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and
30-10-2018 - 16:27 11-08-2010 - 18:47
CVE-2010-2552 7.8
Stack consumption vulnerability in the SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (system hang) via a malformed SMBv2 compounded request
30-10-2018 - 16:27 11-08-2010 - 18:47
CVE-2010-2551 7.8
The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (system hang) via
30-10-2018 - 16:27 11-08-2010 - 18:47
CVE-2010-0265 9.3
Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." Per:
30-10-2018 - 16:27 10-03-2010 - 22:30
CVE-2009-3678 9.3
Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot
30-10-2018 - 16:27 14-05-2010 - 19:30
CVE-2007-2926 4.3
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query i
30-10-2018 - 16:27 24-07-2007 - 17:30
CVE-2013-5601 10.0
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey bef
30-10-2018 - 16:26 30-10-2013 - 10:55
CVE-2010-3574 10.0
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2009-4018 7.5
The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute pr
30-10-2018 - 16:26 29-11-2009 - 13:07
CVE-2009-3877 5.0
Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consum
30-10-2018 - 16:26 05-11-2009 - 16:30
CVE-2009-3876 5.0
Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consum
30-10-2018 - 16:26 05-11-2009 - 16:30
CVE-2009-3875 5.0
The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers
30-10-2018 - 16:26 05-11-2009 - 16:30
CVE-2009-3800 9.3
Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
30-10-2018 - 16:26 10-12-2009 - 19:30
CVE-2009-3799 9.3
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers me
30-10-2018 - 16:26 10-12-2009 - 19:30
CVE-2009-3798 9.3
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
30-10-2018 - 16:26 10-12-2009 - 19:30
CVE-2009-3796 9.3
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."
30-10-2018 - 16:26 10-12-2009 - 19:30
CVE-2009-3794 9.3
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
30-10-2018 - 16:26 10-12-2009 - 19:30
CVE-2009-3291 7.5
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
30-10-2018 - 16:26 22-09-2009 - 10:30
CVE-2009-3049 5.0
Opera before 10.00 does not properly display all characters in Internationalized Domain Names (IDN) in the address bar, which allows remote attackers to spoof URLs and conduct phishing attacks, related to Unicode and Punycode.
30-10-2018 - 16:26 02-09-2009 - 17:30
CVE-2009-2676 6.8
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attacke
30-10-2018 - 16:26 05-08-2009 - 19:30
CVE-2009-1805 4.0
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build
30-10-2018 - 16:26 01-06-2009 - 19:30
CVE-2008-4037 9.3
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as
30-10-2018 - 16:26 12-11-2008 - 23:30
CVE-2008-3006 9.3
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 a
30-10-2018 - 16:26 12-08-2008 - 23:41
CVE-2008-0080 10.0
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.
30-10-2018 - 16:26 12-02-2008 - 23:00
CVE-2006-5823 4.0
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
30-10-2018 - 16:26 09-11-2006 - 11:07
CVE-2006-5751 7.2
Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.
30-10-2018 - 16:26 02-12-2006 - 02:28
CVE-2006-5215 2.6
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a sy
30-10-2018 - 16:26 10-10-2006 - 04:06
CVE-2006-5174 2.1
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file fro
30-10-2018 - 16:26 10-10-2006 - 04:06
CVE-2006-4997 7.1
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (f
30-10-2018 - 16:26 10-10-2006 - 04:06
CVE-2006-4813 2.1
The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.
30-10-2018 - 16:26 12-10-2006 - 20:07
CVE-2006-4538 4.9
Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.
30-10-2018 - 16:26 05-09-2006 - 19:04
CVE-2006-4319 7.2
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
30-10-2018 - 16:26 24-08-2006 - 01:04
CVE-2006-3906 5.0
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the sess
30-10-2018 - 16:26 27-07-2006 - 22:04
CVE-2006-3741 4.9
The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file de
30-10-2018 - 16:26 10-10-2006 - 04:05
CVE-2006-3664 5.0
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
30-10-2018 - 16:26 18-07-2006 - 15:47
CVE-2006-3468 7.8
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error an
30-10-2018 - 16:26 21-07-2006 - 14:03
CVE-2006-2935 4.6
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device
30-10-2018 - 16:26 05-07-2006 - 18:05
CVE-2006-2444 7.8
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees o
30-10-2018 - 16:26 25-05-2006 - 10:02
CVE-2006-1528 4.9
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
30-10-2018 - 16:26 18-05-2006 - 19:06
CVE-2006-1056 2.1
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allow
30-10-2018 - 16:26 20-04-2006 - 10:02
CVE-2006-1052 2.1
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
30-10-2018 - 16:26 05-05-2006 - 12:46
CVE-2006-0744 4.9
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with
30-10-2018 - 16:26 18-04-2006 - 10:02
CVE-2006-0227 2.6
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
30-10-2018 - 16:26 17-01-2006 - 20:07
CVE-2005-3669 5.0
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the
30-10-2018 - 16:26 18-11-2005 - 21:03
CVE-2005-3099 4.6
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
30-10-2018 - 16:26 28-09-2005 - 23:03
CVE-2005-0136 2.1
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761
30-10-2018 - 16:26 31-12-2005 - 05:00
CVE-2004-2686 7.2
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but
30-10-2018 - 16:26 31-12-2004 - 05:00
CVE-2004-2660 4.9
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests. This vulnerability is addressed in the following product release: Li
30-10-2018 - 16:26 31-12-2004 - 05:00
CVE-2004-1767 7.2
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.
30-10-2018 - 16:26 31-12-2004 - 05:00
CVE-2004-1360 2.1
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.
30-10-2018 - 16:26 27-02-2004 - 05:00
CVE-2004-1359 4.6
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
30-10-2018 - 16:26 04-03-2004 - 05:00
CVE-2004-1352 7.2
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
30-10-2018 - 16:26 01-12-2004 - 05:00
CVE-2004-1351 10.0
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
30-10-2018 - 16:26 07-12-2004 - 05:00
CVE-2004-1347 5.0
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.
30-10-2018 - 16:26 10-08-2004 - 04:00
CVE-2004-1307 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be a
30-10-2018 - 16:26 21-12-2004 - 05:00
CVE-2004-0791 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench a
30-10-2018 - 16:26 12-04-2005 - 04:00
CVE-2004-0790 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
30-10-2018 - 16:26 12-04-2005 - 04:00
CVE-2004-0654 2.1
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic
30-10-2018 - 16:26 06-08-2004 - 04:00
CVE-2004-0112 5.0
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a
30-10-2018 - 16:26 23-11-2004 - 05:00
CVE-2004-0081 5.0
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
30-10-2018 - 16:26 23-11-2004 - 05:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
30-10-2018 - 16:26 23-11-2004 - 05:00
CVE-2003-0999 7.2
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
30-10-2018 - 16:26 05-01-2004 - 05:00
CVE-2003-0914 4.3
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
30-10-2018 - 16:26 15-12-2003 - 05:00
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
30-10-2018 - 16:26 06-10-2003 - 04:00
CVE-2003-0669 1.2
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
30-10-2018 - 16:26 27-08-2003 - 04:00
CVE-2003-0609 7.2
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
30-10-2018 - 16:26 27-08-2003 - 04:00
CVE-2003-0567 7.8
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
30-10-2018 - 16:26 18-08-2003 - 04:00
CVE-2003-0201 10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
30-10-2018 - 16:26 05-05-2003 - 04:00
CVE-2003-0196 10.0
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
30-10-2018 - 16:26 05-05-2003 - 04:00
CVE-2003-0092 7.2
Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.
30-10-2018 - 16:26 02-04-2003 - 05:00
CVE-2003-0091 7.2
Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.
30-10-2018 - 16:26 02-04-2003 - 05:00
CVE-2003-0028 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
30-10-2018 - 16:26 25-03-2003 - 05:00
CVE-2003-0027 5.0
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
30-10-2018 - 16:26 07-02-2003 - 05:00
CVE-2002-1337 10.0
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
30-10-2018 - 16:26 07-03-2003 - 05:00
CVE-2002-1317 7.5
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
30-10-2018 - 16:26 11-12-2002 - 05:00
CVE-2002-1296 7.2
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
30-10-2018 - 16:26 23-12-2002 - 05:00
CVE-2002-1199 5.0
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
30-10-2018 - 16:26 28-10-2002 - 05:00
CVE-2002-0797 10.0
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
30-10-2018 - 16:26 12-08-2002 - 04:00
CVE-2002-0796 10.0
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
30-10-2018 - 16:26 12-08-2002 - 04:00
CVE-2002-0679 10.0
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
30-10-2018 - 16:26 05-09-2002 - 04:00
CVE-2002-0678 7.2
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
30-10-2018 - 16:26 23-07-2002 - 04:00
CVE-2002-0677 7.5
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the
30-10-2018 - 16:26 23-07-2002 - 04:00
CVE-2002-0573 7.5
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command canno
30-10-2018 - 16:26 03-07-2002 - 04:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
30-10-2018 - 16:26 12-08-2002 - 04:00
CVE-2002-0089 7.2
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
30-10-2018 - 16:26 15-03-2002 - 05:00
CVE-2002-0088 7.2
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
30-10-2018 - 16:26 15-03-2002 - 05:00
CVE-2002-0085 5.0
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
30-10-2018 - 16:26 15-03-2002 - 05:00
CVE-2002-0084 7.2
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
30-10-2018 - 16:26 15-03-2002 - 05:00
CVE-2001-1076 7.2
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.
30-10-2018 - 16:26 05-07-2001 - 04:00
CVE-2001-0797 10.0
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
30-10-2018 - 16:26 12-12-2001 - 05:00
CVE-2001-0779 10.0
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
30-10-2018 - 16:26 18-10-2001 - 04:00
CVE-2001-0594 4.6
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
30-10-2018 - 16:26 02-08-2001 - 04:00
CVE-2001-0422 7.2
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
30-10-2018 - 16:26 02-07-2001 - 04:00
CVE-1999-0691 7.2
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
30-10-2018 - 16:26 13-09-1999 - 04:00
CVE-1999-0689 7.2
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
30-10-2018 - 16:26 13-09-1999 - 04:00
CVE-2010-3658 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3657 4.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656. Per: http://www.adobe
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3656 4.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657. Per: http://www.adobe
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3632 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3630 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Per: http://www.adobe.com/suppor
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3629 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. Per: http://www.adobe.co
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3628 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3627 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors. Per: http://www.adobe.com/support/security/bulletins/apsb10-21.html
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3626 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889. Per: http://www.adobe.com
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3625 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." Per: http://www.adobe.com/support/security
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3622 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3621 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3620 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629.
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-3619 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-2890 9.3
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, C
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-2889 9.3
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626. Per: http://www.adobe.com
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-2888 9.3
Multiple unspecified vulnerabilities in an ActiveX control in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Windows allow attackers to execute arbitrary code via unknown vectors. Per: http://www.adobe.com/support/security/bulletins/
30-10-2018 - 16:25 06-10-2010 - 17:00
CVE-2010-2179 4.3
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecifi
30-10-2018 - 16:25 15-06-2010 - 18:00
CVE-2010-0182 4.3
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0181 4.3
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial o
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0176 9.3
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0175 9.3
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of se
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0174 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0173 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and applica
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0171 4.3
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) at
30-10-2018 - 16:25 25-03-2010 - 21:00
CVE-2010-0169 5.0
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings i
30-10-2018 - 16:25 25-03-2010 - 21:00
CVE-2010-0167 9.3
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash)
30-10-2018 - 16:25 25-03-2010 - 21:00
CVE-2009-3873 9.3
The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem,"
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3872 9.3
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3871 9.3
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3869 9.3
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and S
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3868 9.3
Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a c
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3867 9.3
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to
30-10-2018 - 16:25 05-11-2009 - 16:30
CVE-2009-3373 10.0
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
30-10-2018 - 16:25 29-10-2009 - 14:30
CVE-2009-3372 9.3
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
30-10-2018 - 16:25 29-10-2009 - 14:30
CVE-2009-1303 5.0
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE
30-10-2018 - 16:25 22-04-2009 - 18:30
CVE-2009-0838 4.9
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
30-10-2018 - 16:25 06-03-2009 - 18:30
CVE-2008-3666 7.1
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrat
30-10-2018 - 16:25 13-08-2008 - 17:41
CVE-2008-3450 7.2
Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors.
30-10-2018 - 16:25 04-08-2008 - 18:41
CVE-2008-3014 9.3
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 20
30-10-2018 - 16:25 11-09-2008 - 01:11
CVE-2008-3013 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
30-10-2018 - 16:25 11-09-2008 - 01:11
CVE-2008-3012 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
30-10-2018 - 16:25 11-09-2008 - 01:11
CVE-2008-2710 7.2
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones vi
30-10-2018 - 16:25 16-06-2008 - 20:41
CVE-2008-2365 4.7
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another
30-10-2018 - 16:25 30-06-2008 - 21:41
CVE-2008-2144 10.0
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
30-10-2018 - 16:25 12-05-2008 - 19:20
CVE-2008-1778 6.6
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknow
30-10-2018 - 16:25 14-04-2008 - 16:05
CVE-2008-1480 4.3
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
30-10-2018 - 16:25 24-03-2008 - 22:44
CVE-2008-1095 6.8
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets
30-10-2018 - 16:25 29-02-2008 - 11:44
CVE-2008-0965 9.3
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
30-10-2018 - 16:25 08-08-2008 - 18:41
CVE-2008-0964 9.3
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
30-10-2018 - 16:25 08-08-2008 - 18:41
CVE-2008-0269 4.9
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
30-10-2018 - 16:25 15-01-2008 - 20:00
CVE-2007-5921 4.7
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.
30-10-2018 - 16:25 10-11-2007 - 02:46
CVE-2007-5422 4.9
Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.
30-10-2018 - 16:25 12-10-2007 - 21:17
CVE-2007-5348 9.3
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerP
30-10-2018 - 16:25 11-09-2008 - 01:01
CVE-2007-5225 4.9
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
30-10-2018 - 16:25 05-10-2007 - 00:17
CVE-2007-4395 7.6
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. Successful exploitation requires that the attacker k
30-10-2018 - 16:25 17-08-2007 - 23:17
CVE-2007-3717 6.9
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue
30-10-2018 - 16:25 12-07-2007 - 16:30
CVE-2007-3223 7.8
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk
30-10-2018 - 16:25 14-06-2007 - 23:30
CVE-2007-3094 9.0
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.
30-10-2018 - 16:25 06-06-2007 - 21:30
CVE-2007-3093 10.0
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
30-10-2018 - 16:25 06-06-2007 - 21:30
CVE-2007-3091 7.1
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions
30-10-2018 - 16:25 06-06-2007 - 21:30
CVE-2007-2882 5.0
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
30-10-2018 - 16:25 30-05-2007 - 01:30
CVE-2007-2529 7.2
Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL.
30-10-2018 - 16:25 09-05-2007 - 00:19
CVE-2007-2465 4.7
Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related
30-10-2018 - 16:25 02-05-2007 - 22:19
CVE-2007-2045 5.0
Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.
30-10-2018 - 16:25 16-04-2007 - 22:19
CVE-2007-0918 7.1
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations tha
30-10-2018 - 16:25 14-02-2007 - 02:28
CVE-2007-0895 2.6
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level
30-10-2018 - 16:25 13-02-2007 - 01:28
CVE-2007-0882 10.0
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to
30-10-2018 - 16:25 12-02-2007 - 20:28
CVE-2007-0503 6.9
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
30-10-2018 - 16:25 25-01-2007 - 21:28
CVE-2007-0470 7.2
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
30-10-2018 - 16:25 24-01-2007 - 01:28
CVE-2007-0165 7.8
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
30-10-2018 - 16:25 10-01-2007 - 00:28
CVE-2007-0043 9.3
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer,
30-10-2018 - 16:25 10-07-2007 - 22:30
CVE-2007-0042 7.8
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechani
30-10-2018 - 16:25 10-07-2007 - 22:30
CVE-2007-0041 9.3
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths
30-10-2018 - 16:25 10-07-2007 - 22:30
CVE-2006-7140 5.8
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed
30-10-2018 - 16:25 07-03-2007 - 20:19
CVE-2006-6495 6.6
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally
30-10-2018 - 16:25 13-12-2006 - 01:28
CVE-2006-6494 6.6
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format stri
30-10-2018 - 16:25 13-12-2006 - 01:28
CVE-2006-6275 4.7
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
30-10-2018 - 16:25 04-12-2006 - 11:28
CVE-2006-5465 7.5
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
30-10-2018 - 16:25 04-11-2006 - 00:07
CVE-2006-5214 1.2
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is perf
30-10-2018 - 16:25 10-10-2006 - 04:06
CVE-2006-5073 7.8
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
30-10-2018 - 16:25 29-09-2006 - 00:07
CVE-2006-4486 2.6
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
30-10-2018 - 16:25 31-08-2006 - 21:04
CVE-2006-4482 9.3
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990
30-10-2018 - 16:25 31-08-2006 - 21:04
CVE-2006-4307 7.2
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than
30-10-2018 - 16:25 23-08-2006 - 19:04
CVE-2006-4306 7.2
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.
30-10-2018 - 16:25 23-08-2006 - 19:04
CVE-2006-4020 4.6
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a bu
30-10-2018 - 16:25 08-08-2006 - 20:04
CVE-2006-3920 5.0
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.
30-10-2018 - 16:25 28-07-2006 - 22:04
CVE-2006-3606 5.0
Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library.
30-10-2018 - 16:25 18-07-2006 - 15:46
CVE-2006-3017 9.3
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the varia
30-10-2018 - 16:25 14-06-2006 - 23:02
CVE-2006-2387 5.1
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS
30-10-2018 - 16:25 10-10-2006 - 22:07
CVE-2006-1782 2.1
Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including
30-10-2018 - 16:25 13-04-2006 - 10:02
CVE-2006-1780 2.1
The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files. Apply patches.
30-10-2018 - 16:25 13-04-2006 - 10:02
CVE-2006-1494 2.6
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
30-10-2018 - 16:25 10-04-2006 - 19:02
CVE-2006-1490 5.0
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safet
30-10-2018 - 16:25 29-03-2006 - 21:06
CVE-2006-1092 2.1
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena
30-10-2018 - 16:25 09-03-2006 - 13:06
CVE-2006-0901 7.2
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code.
30-10-2018 - 16:25 27-02-2006 - 19:06
CVE-2006-0161 4.6
Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780.
30-10-2018 - 16:25 10-01-2006 - 19:03
CVE-2006-0026 6.5
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).
30-10-2018 - 16:25 11-07-2006 - 22:05
CVE-2005-3883 5.0
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
30-10-2018 - 16:25 29-11-2005 - 11:03
CVE-2005-3398 4.3
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data fro
30-10-2018 - 16:25 01-11-2005 - 12:47
CVE-2005-3390 7.5
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST reque
30-10-2018 - 16:25 01-11-2005 - 12:47
CVE-2005-3389 5.0
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting,
30-10-2018 - 16:25 01-11-2005 - 12:47
CVE-2005-3388 4.3
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
30-10-2018 - 16:25 01-11-2005 - 12:47
CVE-2005-3353 5.0
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
30-10-2018 - 16:25 18-11-2005 - 23:03
CVE-2005-1043 5.0
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
30-10-2018 - 16:25 14-04-2005 - 04:00
CVE-2005-1042 7.5
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
30-10-2018 - 16:25 02-05-2005 - 04:00
CVE-2004-1356 2.1
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
30-10-2018 - 16:25 23-04-2004 - 04:00
CVE-2004-1355 2.1
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
30-10-2018 - 16:25 26-04-2004 - 04:00
CVE-2004-1354 5.0
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information
30-10-2018 - 16:25 14-05-2004 - 04:00
CVE-2004-1353 7.2
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.
30-10-2018 - 16:25 19-10-2004 - 04:00
CVE-2004-1349 2.1
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
30-10-2018 - 16:25 04-10-2004 - 04:00
CVE-2004-1348 5.0
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
30-10-2018 - 16:25 06-09-2004 - 04:00
CVE-2004-1154 10.0
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of securit
30-10-2018 - 16:25 10-01-2005 - 05:00
CVE-2004-1065 10.0
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
30-10-2018 - 16:25 10-01-2005 - 05:00
CVE-2004-1019 10.0
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free
30-10-2018 - 16:25 10-01-2005 - 05:00
CVE-2004-0882 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
30-10-2018 - 16:25 27-01-2005 - 05:00
CVE-2004-0808 5.0
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of
30-10-2018 - 16:25 31-12-2004 - 05:00
CVE-2004-0800 4.6
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
30-10-2018 - 16:25 24-08-2004 - 04:00
CVE-2004-0686 5.0
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
30-10-2018 - 16:25 27-07-2004 - 04:00
CVE-2004-0595 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore
30-10-2018 - 16:25 27-07-2004 - 04:00
CVE-2004-0594 5.1
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of
30-10-2018 - 16:25 27-07-2004 - 04:00
CVE-2004-0573 7.5
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
30-10-2018 - 16:25 28-09-2004 - 04:00
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
30-10-2018 - 16:25 18-08-2004 - 04:00
CVE-2004-0200 9.3
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to
30-10-2018 - 16:25 28-09-2004 - 04:00
CVE-2004-0082 7.5
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable pas
30-10-2018 - 16:25 03-03-2004 - 05:00
CVE-2003-1303 5.0
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in
30-10-2018 - 16:25 31-12-2003 - 05:00
CVE-2003-1024 7.2
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
30-10-2018 - 16:25 20-01-2004 - 05:00
CVE-2003-0718 5.0
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML element
30-10-2018 - 16:25 03-11-2004 - 05:00
CVE-2003-0225 5.0
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory cons
30-10-2018 - 16:25 09-06-2003 - 04:00
CVE-2003-0224 10.0
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer
30-10-2018 - 16:25 09-06-2003 - 04:00
CVE-2003-0223 6.8
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
30-10-2018 - 16:25 09-06-2003 - 04:00
CVE-2003-0058 5.0
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
30-10-2018 - 16:25 19-02-2003 - 05:00
CVE-2002-1323 4.6
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
30-10-2018 - 16:25 11-12-2002 - 05:00
CVE-2002-0364 7.5
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
30-10-2018 - 16:25 03-07-2002 - 04:00
CVE-2002-0158 7.2
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
30-10-2018 - 16:25 02-04-2002 - 05:00
CVE-2002-0150 7.5
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0149 7.5
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0148 7.5
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0147 7.5
Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0079 7.5
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0075 7.5
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0074 7.5
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0073 5.0
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0071 7.5
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
30-10-2018 - 16:25 22-04-2002 - 04:00
CVE-2002-0033 10.0
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
30-10-2018 - 16:25 29-05-2002 - 04:00
CVE-2001-0652 7.2
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
30-10-2018 - 16:25 30-10-2001 - 05:00
CVE-2001-0151 5.0
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
30-10-2018 - 16:25 02-06-2001 - 04:00
CVE-2000-0886 7.5
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
30-10-2018 - 16:25 19-12-2000 - 05:00
CVE-2000-0884 7.5
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
30-10-2018 - 16:25 19-12-2000 - 05:00
CVE-1999-1587 2.1
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
30-10-2018 - 16:25 31-12-1999 - 05:00
CVE-2007-4632 4.3
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authent
26-10-2018 - 14:04 31-08-2007 - 23:17
CVE-2006-0749 9.3
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
19-10-2018 - 15:46 14-04-2006 - 10:02
CVE-2006-0748 9.3
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that
19-10-2018 - 15:46 14-04-2006 - 10:02
CVE-2006-0747 5.0
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of val
19-10-2018 - 15:46 23-05-2006 - 10:06
CVE-2006-0746 7.5
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
19-10-2018 - 15:46 09-03-2006 - 00:02
CVE-2006-0745 7.2
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute ar
19-10-2018 - 15:46 21-03-2006 - 02:06
CVE-2006-0645 7.5
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
19-10-2018 - 15:45 10-02-2006 - 18:06
CVE-2006-0455 4.6
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature
19-10-2018 - 15:44 15-02-2006 - 22:06
CVE-2006-0301 7.5
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted
19-10-2018 - 15:44 30-01-2006 - 22:03
CVE-2006-0300 5.1
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
19-10-2018 - 15:44 24-02-2006 - 00:02
CVE-2006-0292 7.5
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garb
19-10-2018 - 15:43 02-02-2006 - 20:06
CVE-2006-0225 4.6
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
19-10-2018 - 15:43 25-01-2006 - 11:03
CVE-2006-0095 2.1
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
19-10-2018 - 15:42 06-01-2006 - 11:03
CVE-2006-0082 5.1
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric fo
19-10-2018 - 15:42 04-01-2006 - 23:03
CVE-2006-0058 7.6
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory location
19-10-2018 - 15:42 22-03-2006 - 20:06
CVE-2006-0023 4.3
Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1)
19-10-2018 - 15:42 08-02-2006 - 02:18
CVE-2006-0021 7.8
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
19-10-2018 - 15:42 14-02-2006 - 19:06
CVE-2006-0019 7.5
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
19-10-2018 - 15:42 20-01-2006 - 21:03
CVE-2006-0003 5.1
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown att
19-10-2018 - 15:41 12-04-2006 - 00:02
CVE-2006-0002 7.5
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulatio
19-10-2018 - 15:41 10-01-2006 - 22:03
CVE-2005-4826 6.1
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different iss
19-10-2018 - 15:41 31-12-2005 - 05:00
CVE-2005-4667 3.7
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses
19-10-2018 - 15:41 31-12-2005 - 05:00
CVE-2005-4605 2.1
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
19-10-2018 - 15:41 31-12-2005 - 05:00
CVE-2005-4601 7.5
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
19-10-2018 - 15:41 31-12-2005 - 05:00
CVE-2005-4451 7.5
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
19-10-2018 - 15:40 21-12-2005 - 11:03
CVE-2005-4437 7.5
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message
19-10-2018 - 15:40 21-12-2005 - 01:03
CVE-2005-4436 7.8
Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) m
19-10-2018 - 15:40 21-12-2005 - 01:03
CVE-2005-4360 7.8
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.d
19-10-2018 - 15:40 20-12-2005 - 01:03
CVE-2005-4348 7.8
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
19-10-2018 - 15:40 21-12-2005 - 00:03
CVE-2005-4316 7.8
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
19-10-2018 - 15:40 17-12-2005 - 11:03
CVE-2005-4134 5.0
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not
19-10-2018 - 15:40 09-12-2005 - 15:03
CVE-2005-4077 4.6
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prev
19-10-2018 - 15:40 08-12-2005 - 01:03
CVE-2005-3962 4.6
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an int
19-10-2018 - 15:39 01-12-2005 - 17:03
CVE-2005-3921 2.6
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memor
19-10-2018 - 15:39 30-11-2005 - 11:03
CVE-2005-3857 4.9
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk func
19-10-2018 - 15:39 27-11-2005 - 21:03
CVE-2005-3806 6.6
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) b
19-10-2018 - 15:39 25-11-2005 - 21:03
CVE-2005-3784 4.9
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.
19-10-2018 - 15:39 23-11-2005 - 21:03
CVE-2005-3732 7.8
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packet
19-10-2018 - 15:38 21-11-2005 - 22:03
CVE-2005-3627 7.5
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components"
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3626 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3625 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3624 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3358 4.9
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
19-10-2018 - 15:36 14-12-2005 - 19:03
CVE-2005-3357 5.4
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers
19-10-2018 - 15:36 31-12-2005 - 05:00
CVE-2005-3356 2.1
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause
19-10-2018 - 15:36 31-12-2005 - 05:00
CVE-2005-3352 4.3
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
19-10-2018 - 15:35 13-12-2005 - 20:03
CVE-2005-3276 2.1
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
19-10-2018 - 15:35 21-10-2005 - 01:02
CVE-2005-3275 2.6
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by
19-10-2018 - 15:35 21-10-2005 - 01:02
CVE-2005-3274 1.2
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection tab
19-10-2018 - 15:35 21-10-2005 - 01:02
CVE-2005-3273 5.0
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array ou
19-10-2018 - 15:35 21-10-2005 - 01:02
CVE-2005-3193 5.1
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-
19-10-2018 - 15:35 07-12-2005 - 00:03
CVE-2005-3192 7.5
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitra
19-10-2018 - 15:35 08-12-2005 - 01:03
CVE-2005-3191 5.1
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KD
19-10-2018 - 15:34 07-12-2005 - 01:03
CVE-2005-3186 7.5
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer o
19-10-2018 - 15:34 18-11-2005 - 06:03
CVE-2005-3181 2.1
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a m
19-10-2018 - 15:34 12-10-2005 - 13:04
CVE-2005-3120 7.5
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
19-10-2018 - 15:34 17-10-2005 - 20:06
CVE-2005-3110 2.6
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to
19-10-2018 - 15:34 30-09-2005 - 10:05
CVE-2005-3109 2.1
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
19-10-2018 - 15:34 30-09-2005 - 10:05
CVE-2005-3106 1.2
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just per
19-10-2018 - 15:34 30-09-2005 - 10:05
CVE-2005-3055 2.1
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref
19-10-2018 - 15:34 26-09-2005 - 19:03
CVE-2005-3053 2.1
The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.
19-10-2018 - 15:34 26-09-2005 - 19:03
CVE-2005-3044 2.1
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on
19-10-2018 - 15:34 22-09-2005 - 21:03
CVE-2005-2993 1.7
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
19-10-2018 - 15:34 20-09-2005 - 20:03
CVE-2005-2976 7.5
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-200
19-10-2018 - 15:34 18-11-2005 - 06:03
CVE-2005-2975 7.8
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
19-10-2018 - 15:34 18-11-2005 - 06:03
CVE-2005-2933 7.5
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a
19-10-2018 - 15:34 13-10-2005 - 22:02
CVE-2005-2929 7.5
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
19-10-2018 - 15:34 18-11-2005 - 06:03
CVE-2005-2876 7.2
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just
19-10-2018 - 15:34 13-09-2005 - 23:03
CVE-2005-2872 5.0
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads t
19-10-2018 - 15:34 09-09-2005 - 19:07
CVE-2005-2801 5.0
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
19-10-2018 - 15:33 06-09-2005 - 17:03
CVE-2005-2798 5.0
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
19-10-2018 - 15:33 06-09-2005 - 17:03
CVE-2005-2728 5.0
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
19-10-2018 - 15:33 30-08-2005 - 11:45
CVE-2005-2709 4.6
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unreg
19-10-2018 - 15:33 20-11-2005 - 22:03
CVE-2005-2708 2.1
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as dem
19-10-2018 - 15:33 25-10-2005 - 18:02
CVE-2005-2641 7.5
Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate
19-10-2018 - 15:33 23-08-2005 - 04:00
CVE-2005-2555 4.6
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
19-10-2018 - 15:33 16-08-2005 - 04:00
CVE-2005-2553 2.1
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace pr
19-10-2018 - 15:33 12-08-2005 - 04:00
CVE-2005-2495 5.1
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
19-10-2018 - 15:33 15-09-2005 - 20:03
CVE-2005-2492 3.6
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
19-10-2018 - 15:33 14-09-2005 - 19:03
CVE-2005-2491 7.5
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, whic
19-10-2018 - 15:33 23-08-2005 - 04:00
CVE-2005-2490 4.6
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
19-10-2018 - 15:32 14-09-2005 - 19:03
CVE-2005-2458 5.0
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
19-10-2018 - 15:32 23-08-2005 - 04:00
CVE-2005-2456 2.1
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OU
19-10-2018 - 15:32 04-08-2005 - 04:00
CVE-2005-2335 5.0
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifie
19-10-2018 - 15:32 27-07-2005 - 04:00
CVE-2005-2177 5.0
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an
19-10-2018 - 15:32 11-07-2005 - 04:00
CVE-2005-2103 7.5
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %
19-10-2018 - 15:32 16-08-2005 - 04:00
CVE-2005-2102 5.0
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
19-10-2018 - 15:32 16-08-2005 - 04:00
CVE-2005-2099 5.0
The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which caus
19-10-2018 - 15:32 23-08-2005 - 04:00
CVE-2005-2098 5.0
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore
19-10-2018 - 15:32 23-08-2005 - 04:00
CVE-2005-2096 7.5
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted
19-10-2018 - 15:32 06-07-2005 - 04:00
CVE-2005-2088 4.3
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
19-10-2018 - 15:32 05-07-2005 - 04:00
CVE-2005-1993 3.7
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
19-10-2018 - 15:32 20-06-2005 - 04:00
CVE-2005-1934 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
19-10-2018 - 15:32 19-05-2005 - 04:00
CVE-2005-1921 7.5
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) Mail
19-10-2018 - 15:32 05-07-2005 - 04:00
CVE-2005-1920 5.0
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive info
19-10-2018 - 15:32 26-07-2005 - 04:00
CVE-2005-1918 2.6
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probabl
19-10-2018 - 15:32 31-12-2005 - 05:00
CVE-2005-1763 7.2
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
19-10-2018 - 15:31 09-06-2005 - 04:00
CVE-2005-1762 2.1
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.
19-10-2018 - 15:31 02-08-2005 - 04:00
CVE-2005-1761 2.1
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
19-10-2018 - 15:31 05-08-2005 - 04:00
CVE-2005-1704 4.6
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of sect
19-10-2018 - 15:31 24-05-2005 - 04:00
CVE-2005-1689 7.5
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
19-10-2018 - 15:31 18-07-2005 - 04:00
CVE-2005-1410 2.1
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause
19-10-2018 - 15:31 03-05-2005 - 04:00
CVE-2005-1409 7.5
PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."
19-10-2018 - 15:31 03-05-2005 - 04:00
CVE-2005-1280 5.0
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-1279 5.0
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-1278 5.0
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-1269 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
19-10-2018 - 15:31 16-06-2005 - 04:00
CVE-2005-1268 5.0
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one
19-10-2018 - 15:31 05-08-2005 - 04:00
CVE-2005-1267 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
19-10-2018 - 15:31 10-06-2005 - 04:00
CVE-2005-1265 2.1
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
19-10-2018 - 15:31 16-06-2005 - 04:00
CVE-2005-1264 7.2
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2
19-10-2018 - 15:31 17-05-2005 - 04:00
CVE-2005-1263 7.2
The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables
19-10-2018 - 15:31 11-05-2005 - 04:00
CVE-2005-1262 5.0
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
19-10-2018 - 15:31 11-05-2005 - 04:00
CVE-2005-1261 7.5
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
19-10-2018 - 15:31 11-05-2005 - 04:00
CVE-2005-1046 7.5
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-1041 2.1
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0977 2.1
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0967 5.0
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0966 6.4
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and po
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0965 5.0
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0953 3.7
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0937 1.2
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is exe
19-10-2018 - 15:31 22-02-2005 - 05:00
CVE-2005-0891 5.0
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0867 7.2
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0839 7.2
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0756 2.1
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
19-10-2018 - 15:31 08-06-2005 - 04:00
CVE-2005-0688 5.0
Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence o
19-10-2018 - 15:31 05-03-2005 - 05:00
CVE-2005-0473 5.0
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
19-10-2018 - 15:31 14-03-2005 - 05:00
CVE-2005-0472 5.0
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
19-10-2018 - 15:31 14-03-2005 - 05:00
CVE-2005-0396 2.1
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0237 5.0
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from o
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0208 5.0
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2005-0124 2.1
The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may
19-10-2018 - 15:31 14-04-2005 - 04:00
CVE-2005-0100 7.5
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
19-10-2018 - 15:31 07-02-2005 - 05:00
CVE-2005-0088 7.5
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2004-2069 5.0
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the co
19-10-2018 - 15:30 31-12-2004 - 05:00
CVE-2004-1186 5.0
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
19-10-2018 - 15:30 31-12-2004 - 05:00
CVE-2004-1185 7.5
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
19-10-2018 - 15:30 21-01-2005 - 05:00
CVE-2004-1184 4.6
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
19-10-2018 - 15:30 21-01-2005 - 05:00
CVE-2004-1060 5.0
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
19-10-2018 - 15:30 12-04-2004 - 04:00
CVE-2004-1014 5.0
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
19-10-2018 - 15:30 10-01-2005 - 05:00
CVE-2004-0946 10.0
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS reque
19-10-2018 - 15:30 10-01-2005 - 05:00
CVE-2004-0788 5.0
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0783 7.5
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifie
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0782 7.5
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0753 5.0
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0688 7.5
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0687 7.5
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
19-10-2018 - 15:30 20-10-2004 - 04:00
CVE-2004-0230 5.0
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that u
19-10-2018 - 15:30 18-08-2004 - 04:00
CVE-2004-0057 5.0
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be
19-10-2018 - 15:29 17-02-2004 - 05:00
CVE-2003-0989 7.5
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
19-10-2018 - 15:29 17-02-2004 - 05:00
CVE-2003-0251 5.0
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
19-10-2018 - 15:29 24-07-2003 - 04:00
CVE-2003-0147 5.0
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us
19-10-2018 - 15:29 31-03-2003 - 05:00
CVE-2003-0139 7.5
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-p
19-10-2018 - 15:29 24-03-2003 - 05:00
CVE-2003-0138 7.5
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
19-10-2018 - 15:29 24-03-2003 - 05:00
CVE-2003-0131 7.5
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKC
19-10-2018 - 15:29 24-03-2003 - 05:00
CVE-2003-0086 1.2
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
19-10-2018 - 15:29 31-03-2003 - 05:00
CVE-2003-0085 10.0
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
19-10-2018 - 15:29 31-03-2003 - 05:00
CVE-2003-0082 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its hea
19-10-2018 - 15:29 02-04-2003 - 05:00
CVE-2002-2185 4.9
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the
19-10-2018 - 15:29 31-12-2002 - 05:00
CVE-2006-3677 7.5
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a cra
18-10-2018 - 16:48 27-07-2006 - 19:04
CVE-2006-3636 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
18-10-2018 - 16:48 06-09-2006 - 00:04
CVE-2006-3632 10.0
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. This vulnerability is addressed in the following product release: Ethereal G
18-10-2018 - 16:48 21-07-2006 - 14:03
CVE-2006-3631 5.0
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. This vulnerability is addressed in the following product rele
18-10-2018 - 16:48 21-07-2006 - 14:03
CVE-2006-3629 7.8
Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. This vulnerability is addressed in the following product r
18-10-2018 - 16:48 21-07-2006 - 14:03
CVE-2006-3628 10.0
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissec
18-10-2018 - 16:48 21-07-2006 - 14:03
CVE-2006-3627 5.0
Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors. This vulnerability is addressed in the following product release
18-10-2018 - 16:48 21-07-2006 - 14:03
CVE-2006-3626 6.2
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.
18-10-2018 - 16:48 18-07-2006 - 15:46
CVE-2006-3467 7.5
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
18-10-2018 - 16:47 21-07-2006 - 14:03
CVE-2006-3448 9.3
Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl
18-10-2018 - 16:47 13-02-2007 - 20:28
CVE-2006-3445 7.5
Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which resu
18-10-2018 - 16:47 14-11-2006 - 21:07
CVE-2006-3442 7.6
Unspecified vulnerability in Pragmatic General Multicast (PGM) in Microsoft Windows XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted multicast message. Successful exploitation requires that the MSMQ (Microsoft Messag
18-10-2018 - 16:47 12-09-2006 - 23:07
CVE-2006-3431 7.5
Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document o
18-10-2018 - 16:47 07-07-2006 - 18:05
CVE-2006-3404 5.1
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VE
18-10-2018 - 16:47 06-07-2006 - 20:05
CVE-2006-3376 7.5
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field i
18-10-2018 - 16:47 06-07-2006 - 20:05
CVE-2006-3335 7.2
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
18-10-2018 - 16:46 03-07-2006 - 01:05
CVE-2006-3242 7.5
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
18-10-2018 - 16:46 27-06-2006 - 10:05
CVE-2006-3201 4.9
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
18-10-2018 - 16:46 23-06-2006 - 20:06
CVE-2006-3117 7.6
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw,
18-10-2018 - 16:45 30-06-2006 - 18:05
CVE-2006-3113 7.5
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to
18-10-2018 - 16:45 27-07-2006 - 20:04
CVE-2006-3097 4.9
Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. This vulnerability only affects HP-UX running Support Tools Manage
18-10-2018 - 16:45 20-06-2006 - 17:02
CVE-2006-3083 7.2
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain pr
18-10-2018 - 16:45 09-08-2006 - 10:04
CVE-2006-3082 5.0
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to a
18-10-2018 - 16:45 19-06-2006 - 18:02
CVE-2006-3016 9.3
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-
18-10-2018 - 16:45 14-06-2006 - 23:02
CVE-2006-2940 7.8
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates tha
18-10-2018 - 16:44 28-09-2006 - 18:07
CVE-2006-2937 7.8
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
18-10-2018 - 16:43 28-09-2006 - 18:07
CVE-2006-2936 7.8
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, wh
18-10-2018 - 16:43 10-07-2006 - 19:05
CVE-2006-2934 5.0
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to conta
18-10-2018 - 16:43 30-06-2006 - 21:05
CVE-2006-2842 7.5
** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the
18-10-2018 - 16:43 06-06-2006 - 20:06
CVE-2006-2786 2.6
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites
18-10-2018 - 16:42 02-06-2006 - 20:02
CVE-2006-2785 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2784 5.1
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascrip
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2783 4.3
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the mi
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2782 4.3
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. Fixed in: Firefox 1.5
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2781 6.4
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 charact
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2780 9.3
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption. Fixed in: Firefox 1.5.0.4 Thu
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2779 9.3
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2006-2778 5.0
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer over
18-10-2018 - 16:42 02-06-2006 - 18:02
CVE-2006-2776 7.5
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended. This vulnerability is addressed in t
18-10-2018 - 16:41 02-06-2006 - 18:02
CVE-2006-2661 5.0
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. This vulnerability is addressed in the following product release: FreeType, FreeType, 2.2
18-10-2018 - 16:41 30-05-2006 - 19:02
CVE-2006-2607 7.2
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a progr
18-10-2018 - 16:40 25-05-2006 - 20:02
CVE-2006-2574 7.2
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
18-10-2018 - 16:40 24-05-2006 - 23:02
CVE-2006-2551 2.1
Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local users to cause an unspecified denial of service via unknown vectors.
18-10-2018 - 16:40 23-05-2006 - 16:06
CVE-2006-2451 4.6
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prc
18-10-2018 - 16:40 07-07-2006 - 18:05
CVE-2006-2449 4.0
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. Vendor links provide patches for each version affected.
18-10-2018 - 16:40 15-06-2006 - 10:02
CVE-2006-2448 5.6
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and
18-10-2018 - 16:40 23-06-2006 - 10:02
CVE-2006-2447 5.1
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
18-10-2018 - 16:40 06-06-2006 - 21:06
CVE-2006-2314 7.5
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow th
18-10-2018 - 16:39 24-05-2006 - 10:06
CVE-2006-2313 7.5
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte charact
18-10-2018 - 16:39 24-05-2006 - 10:06
CVE-2006-2224 5.0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
18-10-2018 - 16:38 05-05-2006 - 19:02
CVE-2006-2223 5.0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST p
18-10-2018 - 16:38 05-05-2006 - 19:02
CVE-2006-2198 7.6
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
18-10-2018 - 16:38 30-06-2006 - 18:05
CVE-2006-2071 2.1
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issu
18-10-2018 - 16:37 27-04-2006 - 17:06
CVE-2006-1990 5.0
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer ov
18-10-2018 - 16:37 24-04-2006 - 23:02
CVE-2006-1864 4.6
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.
18-10-2018 - 16:36 26-04-2006 - 18:06
CVE-2006-1861 7.5
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_
18-10-2018 - 16:36 23-05-2006 - 10:06
CVE-2006-1790 10.0
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
18-10-2018 - 16:36 14-04-2006 - 19:02
CVE-2006-1741 4.3
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new p
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1740 2.6
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1739 9.3
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1738 5.0
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (
18-10-2018 - 16:35 14-04-2006 - 18:02
CVE-2006-1737 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via
18-10-2018 - 16:35 14-04-2006 - 18:02
CVE-2006-1734 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal func
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1733 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1732 4.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS)
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1731 4.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are calle
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1730 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing prop
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1728 9.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypt
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1727 7.6
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to t
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1724 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via atta
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1721 2.6
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in
18-10-2018 - 16:34 11-04-2006 - 23:02
CVE-2006-1689 7.2
Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access. HP-UX B.11.11: Install PHCO_34545 or later.
18-10-2018 - 16:33 11-04-2006 - 00:02
CVE-2006-1526 2.1
Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest fro
18-10-2018 - 16:33 02-05-2006 - 21:06
CVE-2006-1343 2.1
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN
18-10-2018 - 16:32 21-03-2006 - 18:02
CVE-2006-1242 5.0
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b
18-10-2018 - 16:31 15-03-2006 - 17:06
CVE-2006-1173 5.0
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Se
18-10-2018 - 16:31 07-06-2006 - 23:06
CVE-2006-1045 2.6
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive info
18-10-2018 - 16:30 07-03-2006 - 11:02
CVE-2006-0884 9.3
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript U
18-10-2018 - 16:29 24-02-2006 - 22:02
CVE-2006-6504 9.3
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6503 6.8
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6502 7.1
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6501 6.8
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6498 6.8
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6497 6.8
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6235 10.0
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated s
17-10-2018 - 21:47 07-12-2006 - 11:28
CVE-2006-6169 6.8
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable
17-10-2018 - 21:47 29-11-2006 - 18:28
CVE-2006-6106 7.5
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service
17-10-2018 - 21:46 19-12-2006 - 19:28
CVE-2006-6104 5.0
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for
17-10-2018 - 21:46 21-12-2006 - 19:28
CVE-2006-6097 4.0
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
17-10-2018 - 21:46 24-11-2006 - 18:07
CVE-2006-5925 7.5
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.
17-10-2018 - 21:45 15-11-2006 - 19:07
CVE-2006-5870 9.3
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that trig
17-10-2018 - 21:45 31-12-2006 - 05:00
CVE-2006-5867 7.8
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
17-10-2018 - 21:45 31-12-2006 - 05:00
CVE-2006-5794 7.5
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed th
17-10-2018 - 21:45 08-11-2006 - 20:07
CVE-2006-5748 5.0
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi
17-10-2018 - 21:44 08-11-2006 - 21:07
CVE-2006-5747 7.5
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.
17-10-2018 - 21:44 08-11-2006 - 21:07
CVE-2006-5740 5.0
Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
17-10-2018 - 21:44 27-10-2006 - 23:07
CVE-2006-5619 2.1
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flow
17-10-2018 - 21:43 31-10-2006 - 19:07
CVE-2006-5469 5.0
Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.
17-10-2018 - 21:43 28-10-2006 - 00:07
CVE-2006-5468 5.0
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
17-10-2018 - 21:43 27-10-2006 - 23:07
CVE-2006-5464 5.0
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
17-10-2018 - 21:43 08-11-2006 - 21:07
CVE-2006-5463 7.5
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object whi
17-10-2018 - 21:43 08-11-2006 - 22:07
CVE-2006-5456 5.1
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage functio
17-10-2018 - 21:43 23-10-2006 - 17:07
CVE-2006-5452 4.6
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
17-10-2018 - 21:42 23-10-2006 - 17:07
CVE-2006-5170 7.5
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the
17-10-2018 - 21:41 10-10-2006 - 04:06
CVE-2006-5151 10.0
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
17-10-2018 - 21:41 05-10-2006 - 04:04
CVE-2006-5091 7.2
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
17-10-2018 - 21:41 29-09-2006 - 20:07
CVE-2006-4980 7.5
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
17-10-2018 - 21:40 10-10-2006 - 04:06
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2018 - 21:40 27-09-2006 - 01:07
CVE-2006-4842 3.6
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrar
17-10-2018 - 21:39 12-10-2006 - 00:07
CVE-2006-4820 2.1
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
17-10-2018 - 21:39 15-09-2006 - 21:07
CVE-2006-4805 5.0
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a ze
17-10-2018 - 21:39 27-10-2006 - 23:07
CVE-2006-4795 4.6
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
17-10-2018 - 21:39 14-09-2006 - 21:07
CVE-2006-4689 5.0
Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to cause a denial of service (hang and reboot) via has unknown attack vectors,
17-10-2018 - 21:39 14-11-2006 - 22:07
CVE-2006-4688 7.5
Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerabil
17-10-2018 - 21:39 14-11-2006 - 22:07
CVE-2006-4655 4.6
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable v
17-10-2018 - 21:38 09-09-2006 - 00:04
CVE-2006-4650 2.6
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect
17-10-2018 - 21:38 09-09-2006 - 00:04
CVE-2006-4624 2.6
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
17-10-2018 - 21:38 07-09-2006 - 19:04
CVE-2006-4623 7.8
The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. Ther
17-10-2018 - 21:38 11-09-2006 - 17:04
CVE-2006-4600 2.3
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
17-10-2018 - 21:38 07-09-2006 - 00:04
CVE-2006-4574 5.0
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length valu
17-10-2018 - 21:38 28-10-2006 - 00:07
CVE-2006-4571 10.0
Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified ve
17-10-2018 - 21:38 15-09-2006 - 19:07
CVE-2006-4569 2.6
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduc
17-10-2018 - 21:37 15-09-2006 - 19:07
CVE-2006-4568 4.3
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other atta
17-10-2018 - 21:37 15-09-2006 - 19:07
CVE-2006-4567 2.6
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting
17-10-2018 - 21:37 15-09-2006 - 18:07
CVE-2006-4566 5.0
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character
17-10-2018 - 21:37 15-09-2006 - 18:07
CVE-2006-4565 9.3
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression
17-10-2018 - 21:37 15-09-2006 - 18:07
CVE-2006-4343 4.3
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer derefer
17-10-2018 - 21:36 28-09-2006 - 18:07
CVE-2006-4340 4.0
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature
17-10-2018 - 21:36 15-09-2006 - 18:07
CVE-2006-4338 5.0
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
17-10-2018 - 21:35 19-09-2006 - 21:07
CVE-2006-4337 7.5
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
17-10-2018 - 21:34 19-09-2006 - 21:07
CVE-2006-4336 7.5
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
17-10-2018 - 21:34 19-09-2006 - 21:07
CVE-2006-4335 7.5
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v
17-10-2018 - 21:34 19-09-2006 - 21:07
CVE-2006-4334 5.0
Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
17-10-2018 - 21:34 19-09-2006 - 21:07
CVE-2006-4330 4.3
Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
17-10-2018 - 21:34 24-08-2006 - 20:04
CVE-2006-4253 7.6
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by red
17-10-2018 - 21:34 21-08-2006 - 20:04
CVE-2006-4187 2.1
Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.
17-10-2018 - 21:33 17-08-2006 - 00:04
CVE-2006-4145 4.9
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
17-10-2018 - 21:33 21-08-2006 - 19:04
CVE-2006-4144 2.6
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values
17-10-2018 - 21:33 15-08-2006 - 23:04
CVE-2006-4096 5.0
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
17-10-2018 - 21:33 06-09-2006 - 00:04
CVE-2006-3875 5.1
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2
17-10-2018 - 21:32 10-10-2006 - 22:07
CVE-2006-3867 5.1
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and
17-10-2018 - 21:32 10-10-2006 - 22:07
CVE-2006-3812 2.6
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
17-10-2018 - 21:31 29-07-2006 - 00:04
CVE-2006-3811 7.5
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory cor
17-10-2018 - 21:31 27-07-2006 - 20:04
CVE-2006-3810 6.8
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
17-10-2018 - 21:31 27-07-2006 - 20:04
CVE-2006-3809 7.5
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a p
17-10-2018 - 21:31 27-07-2006 - 20:04
CVE-2006-3808 7.5
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
17-10-2018 - 21:31 27-07-2006 - 20:04
CVE-2006-3807 7.5
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and callin
17-10-2018 - 21:30 27-07-2006 - 19:04
CVE-2006-3806 7.5
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSourc
17-10-2018 - 21:30 27-07-2006 - 19:04
CVE-2006-3805 7.5
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object
17-10-2018 - 21:30 27-07-2006 - 20:04
CVE-2006-3804 5.0
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to
17-10-2018 - 21:30 27-07-2006 - 19:04
CVE-2006-3803 5.1
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temp
17-10-2018 - 21:30 27-07-2006 - 19:04
CVE-2006-3802 5.8
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-lev
17-10-2018 - 21:30 27-07-2006 - 20:04
CVE-2006-3746 5.0
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
17-10-2018 - 21:29 28-07-2006 - 21:04
CVE-2006-3745 7.2
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown at
17-10-2018 - 21:29 23-08-2006 - 19:04
CVE-2006-3740 7.2
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and
17-10-2018 - 21:29 13-09-2006 - 01:07
CVE-2006-3739 7.2
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-
17-10-2018 - 21:29 13-09-2006 - 01:07
CVE-2006-3738 10.0
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. Failed exploit attempts may crash appl
17-10-2018 - 21:29 28-09-2006 - 18:07
CVE-2006-5868 9.3
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
17-10-2018 - 17:51 22-11-2006 - 01:07
CVE-2006-4093 4.9
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Upgrade to Linux Kernel version 2.4.33.1
17-10-2018 - 17:00 21-08-2006 - 21:04
CVE-2007-3040 9.3
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agen
16-10-2018 - 16:47 12-09-2007 - 01:17
CVE-2007-2953 6.8
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, relat
16-10-2018 - 16:46 31-07-2007 - 10:17
CVE-2007-2930 4.3
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote
16-10-2018 - 16:46 12-09-2007 - 01:17
CVE-2007-2798 7.4
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
16-10-2018 - 16:45 26-06-2007 - 22:30
CVE-2007-2797 2.1
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.
16-10-2018 - 16:45 27-08-2007 - 17:17
CVE-2007-2754 6.8
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
16-10-2018 - 16:45 17-05-2007 - 22:30
CVE-2007-2442 9.3
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl
16-10-2018 - 16:43 26-06-2007 - 22:30
CVE-2007-2356 6.8
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
16-10-2018 - 16:43 30-04-2007 - 22:19
CVE-2007-1754 9.3
PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, wh
16-10-2018 - 16:40 10-07-2007 - 22:30
CVE-2007-1711 6.8
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was in
16-10-2018 - 16:40 27-03-2007 - 01:19
CVE-2007-1681 7.5
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspe
16-10-2018 - 16:40 19-04-2007 - 10:19
CVE-2007-1667 9.3
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
16-10-2018 - 16:40 24-03-2007 - 21:19
CVE-2007-1352 3.8
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. The vendor has addressed t
16-10-2018 - 16:38 06-04-2007 - 01:19
CVE-2007-1351 8.5
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
16-10-2018 - 16:38 06-04-2007 - 01:19
CVE-2007-1286 6.8
Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
16-10-2018 - 16:37 06-03-2007 - 20:19
CVE-2007-1205 9.3
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
16-10-2018 - 16:37 10-04-2007 - 21:19
CVE-2007-1092 9.3
Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize h
16-10-2018 - 16:36 26-02-2007 - 17:28
CVE-2007-1003 9.0
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large
16-10-2018 - 16:36 06-04-2007 - 01:19
CVE-2007-0939 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Sc
16-10-2018 - 16:35 10-04-2007 - 21:19
CVE-2007-0938 10.0
Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."
16-10-2018 - 16:35 10-04-2007 - 21:19
CVE-2006-6899 5.4
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.
16-10-2018 - 16:29 31-12-2006 - 05:00
CVE-2005-0109 4.7
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain
16-10-2018 - 12:06 05-03-2005 - 05:00
CVE-2008-0888 9.3
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a
15-10-2018 - 22:03 17-03-2008 - 21:44
CVE-2008-0596 5.0
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.
15-10-2018 - 22:01 26-02-2008 - 00:44
CVE-2007-6425 10.0
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.
15-10-2018 - 21:53 23-01-2008 - 21:00
CVE-2007-6352 6.8
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
15-10-2018 - 21:52 20-12-2007 - 02:46
CVE-2007-6284 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
15-10-2018 - 21:51 12-01-2008 - 02:46
CVE-2007-6195 10.0
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malfor
15-10-2018 - 21:50 15-12-2007 - 01:46
CVE-2007-5958 5.0
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
15-10-2018 - 21:47 18-01-2008 - 23:00
CVE-2007-5935 6.8
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
15-10-2018 - 21:47 13-11-2007 - 22:46
CVE-2007-5587 6.9
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory loc
15-10-2018 - 21:45 19-10-2007 - 21:17
CVE-2007-5378 4.3
Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is sm
15-10-2018 - 21:44 12-10-2007 - 01:17
CVE-2007-5365 7.2
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo
15-10-2018 - 21:44 11-10-2007 - 10:17
CVE-2007-5351 10.0
Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnera
15-10-2018 - 21:43 12-12-2007 - 00:46
CVE-2007-5135 6.8
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue wa
15-10-2018 - 21:40 27-09-2007 - 20:17
CVE-2007-5045 9.3
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XM
15-10-2018 - 21:40 24-09-2007 - 00:17
CVE-2007-4990 7.5
The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of
15-10-2018 - 21:39 05-10-2007 - 21:17
CVE-2007-4965 5.8
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
15-10-2018 - 21:39 18-09-2007 - 22:17
CVE-2007-4771 9.3
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have uns
15-10-2018 - 21:37 29-01-2008 - 00:00
CVE-2007-4770 6.8
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory lo
15-10-2018 - 21:37 29-01-2008 - 00:00
CVE-2007-4568 6.8
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers
15-10-2018 - 21:36 05-10-2007 - 21:17
CVE-2007-4286 9.3
Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.
15-10-2018 - 21:34 09-08-2007 - 21:17
CVE-2007-4131 6.8
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
15-10-2018 - 21:33 25-08-2007 - 00:17
CVE-2007-3999 10.0
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
15-10-2018 - 21:32 05-09-2007 - 10:17
CVE-2013-3917 9.3
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
12-10-2018 - 22:05 13-11-2013 - 00:55
CVE-2013-3916 9.3
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
12-10-2018 - 22:05 13-11-2013 - 00:55
CVE-2013-3915 9.3
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
12-10-2018 - 22:05 13-11-2013 - 00:55
CVE-2013-3914 9.3
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
12-10-2018 - 22:05 13-11-2013 - 00:55
CVE-2013-3912 9.3
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
12-10-2018 - 22:05 13-11-2013 - 00:55
CVE-2013-3890 9.3
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."
12-10-2018 - 22:05 09-10-2013 - 14:53
CVE-2013-3871 9.3
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
12-10-2018 - 22:05 09-10-2013 - 14:53
CVE-2013-3855 9.3
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerab
12-10-2018 - 22:05 11-09-2013 - 14:03
CVE-2013-3186 7.6
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka
12-10-2018 - 22:04 14-08-2013 - 11:10
CVE-2013-3178 9.3
Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer V
12-10-2018 - 22:04 10-07-2013 - 03:46
CVE-2013-3159 4.3
Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an en
12-10-2018 - 22:04 11-09-2013 - 14:03
CVE-2013-3140 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
12-10-2018 - 22:04 16-12-2013 - 15:14
CVE-2013-3131 9.3
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a craf
12-10-2018 - 22:04 10-07-2013 - 03:46
CVE-2013-3127 9.3
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafte
12-10-2018 - 22:04 10-07-2013 - 03:46
CVE-2013-1337 7.5
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authenti
12-10-2018 - 22:04 15-05-2013 - 03:36
CVE-2013-1332 7.2
dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in m
12-10-2018 - 22:04 15-05-2013 - 03:36
CVE-2013-1315 9.3
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec
12-10-2018 - 22:04 11-09-2013 - 14:03
CVE-2013-0028 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerabil
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2013-0027 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerabil
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2013-0025 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2013-0021 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2013-0018 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability.
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2013-0015 4.3
Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scroll
12-10-2018 - 22:03 13-02-2013 - 12:04
CVE-2012-4787 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-4786 10.0
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-4782 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-4781 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-2549 5.8
The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerab
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-2539 9.3
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RT
12-10-2018 - 22:03 12-12-2012 - 00:55
CVE-2012-2532 5.0
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka
12-10-2018 - 22:03 14-11-2012 - 00:55
CVE-2012-2528 9.3
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote atta
12-10-2018 - 22:03 09-10-2012 - 21:55
CVE-2012-2526 9.3
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, ak
12-10-2018 - 22:03 15-08-2012 - 01:55
CVE-2012-2524 9.3
Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, aka "CGM File Format Memory Corruption Vulnerabilit
12-10-2018 - 22:03 15-08-2012 - 01:55
CVE-2012-2522 9.3
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corru
12-10-2018 - 22:03 15-08-2012 - 01:55
CVE-2012-2521 9.3
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
12-10-2018 - 22:03 15-08-2012 - 01:55
CVE-2012-1849 9.3
Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file,
12-10-2018 - 22:02 12-06-2012 - 22:55
CVE-2012-1537 9.3
Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012
12-10-2018 - 22:02 12-12-2012 - 00:55
CVE-2012-1526 9.3
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability
12-10-2018 - 22:02 15-08-2012 - 01:55
CVE-2012-0172 9.3
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0171 9.3
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0170 9.3
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0168 7.6
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0164 5.0
Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service (application hang) via crafted requests to a Windows Presentation Foundation (WPF) application, aka ".NET Framework Index Co
12-10-2018 - 22:02 09-05-2012 - 00:55
CVE-2012-0163 9.3
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted AS
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0162 9.3
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Alloc
12-10-2018 - 22:02 09-05-2012 - 00:55
CVE-2012-0159 9.3
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 bef
12-10-2018 - 22:02 09-05-2012 - 00:55
CVE-2012-0158 9.3
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005
12-10-2018 - 22:02 10-04-2012 - 21:55
CVE-2012-0138 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
12-10-2018 - 22:02 14-02-2012 - 22:55
CVE-2012-0137 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
12-10-2018 - 22:02 14-02-2012 - 22:55
CVE-2012-0136 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
12-10-2018 - 22:02 14-02-2012 - 22:55
CVE-2012-0020 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
12-10-2018 - 22:02 14-02-2012 - 22:55
CVE-2012-0019 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
12-10-2018 - 22:02 14-02-2012 - 22:55
CVE-2012-0018 9.3
Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory Corruption Vulnerability."
12-10-2018 - 22:02 09-05-2012 - 00:55
CVE-2012-0010 4.3
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information D
12-10-2018 - 22:01 14-02-2012 - 22:55
CVE-2011-5046 9.3
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly valida
12-10-2018 - 22:01 30-12-2011 - 19:55
CVE-2011-3411 9.3
Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."
12-10-2018 - 22:01 14-12-2011 - 00:55
CVE-2011-3389 4.3
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man
12-10-2018 - 22:01 06-09-2011 - 19:55
CVE-2011-2012 5.0
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Ses
12-10-2018 - 22:01 12-10-2011 - 02:52
CVE-2011-1990 9.3
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an uns
12-10-2018 - 22:01 15-09-2011 - 12:26
CVE-2011-1989 9.3
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for
12-10-2018 - 22:01 15-09-2011 - 12:26
CVE-2011-1969 9.3
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified
12-10-2018 - 22:01 12-10-2011 - 02:52
CVE-2011-1897 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vul
12-10-2018 - 22:01 12-10-2011 - 02:52
CVE-2011-1896 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "ExcelTable Reflected XSS
12-10-2018 - 22:01 12-10-2011 - 02:52
CVE-2011-1895 4.3
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XS
12-10-2018 - 22:01 12-10-2011 - 02:52
CVE-2011-1273 9.3
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly
12-10-2018 - 22:00 16-06-2011 - 20:55
CVE-2011-0656 9.3
Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint V
12-10-2018 - 21:59 13-04-2011 - 18:55
CVE-2011-0655 9.3
Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and P
12-10-2018 - 21:59 13-04-2011 - 18:55
CVE-2011-0098 9.3
Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Format
12-10-2018 - 21:59 13-04-2011 - 18:55
CVE-2011-0097 9.3
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 a
12-10-2018 - 21:59 13-04-2011 - 18:55
CVE-2010-3973 9.3
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef met
12-10-2018 - 21:59 23-12-2010 - 18:00
CVE-2010-3240 9.3
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a cr
12-10-2018 - 21:58 13-10-2010 - 19:00
CVE-2010-3214 9.3
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer;
12-10-2018 - 21:58 13-10-2010 - 19:00
CVE-2010-2564 9.3
Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability."
12-10-2018 - 21:57 11-08-2010 - 18:47
CVE-2010-0823 9.3
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel
12-10-2018 - 21:57 08-06-2010 - 20:30
CVE-2010-0821 9.3
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel
12-10-2018 - 21:57 08-06-2010 - 20:30
CVE-2010-0484 6.8
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to ex
12-10-2018 - 21:56 08-06-2010 - 22:30
CVE-2010-0263 9.3
Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Serv
12-10-2018 - 21:56 10-03-2010 - 22:30
CVE-2010-0242 7.8
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, ak
12-10-2018 - 21:56 10-02-2010 - 18:30
CVE-2010-0241 10.0
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitr
12-10-2018 - 21:56 10-02-2010 - 18:30
CVE-2010-0240 10.0
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which a
12-10-2018 - 21:56 10-02-2010 - 18:30
CVE-2010-0239 10.0
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arb
12-10-2018 - 21:56 10-02-2010 - 18:30
CVE-2009-2501 9.3
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 G
12-10-2018 - 21:51 14-10-2009 - 10:30
CVE-2009-1542 9.0
The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute a
12-10-2018 - 21:51 15-07-2009 - 15:30
CVE-2009-1536 2.6
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via
12-10-2018 - 21:51 12-08-2009 - 17:30
CVE-2009-1122 7.6
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "I
12-10-2018 - 21:50 10-06-2009 - 18:30
CVE-2009-0559 9.3
Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "String Copy Stack-Based Overrun Vulnerability."
12-10-2018 - 21:50 10-06-2009 - 18:30
CVE-2009-0556 9.3
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value tha
12-10-2018 - 21:50 03-04-2009 - 18:30
CVE-2009-0224 9.3
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and
12-10-2018 - 21:50 12-05-2009 - 22:30
CVE-2009-0217 5.0
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLog
12-10-2018 - 21:49 14-07-2009 - 23:30
CVE-2008-4269 8.5
The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML docum
12-10-2018 - 21:48 10-12-2008 - 14:00
CVE-2008-4268 8.5
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search f
12-10-2018 - 21:48 10-12-2008 - 14:00
CVE-2008-4020 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which rende
12-10-2018 - 21:48 15-10-2008 - 00:12
CVE-2008-4019 9.3
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold
12-10-2018 - 21:48 15-10-2008 - 00:12
CVE-2008-3464 7.2
afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a cra
12-10-2018 - 21:48 15-10-2008 - 00:12
CVE-2008-2247 4.3
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
12-10-2018 - 21:47 08-07-2008 - 23:41
CVE-2008-1448 7.1
The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended a
12-10-2018 - 21:47 13-08-2008 - 00:41
CVE-2008-1440 7.1
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang)
12-10-2018 - 21:45 12-06-2008 - 02:32
CVE-2008-1086 9.3
The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, wh
12-10-2018 - 21:45 08-04-2008 - 23:05
CVE-2008-1085 9.3
Use-after-free vulnera