ISS Multiple Product Application Protection Module Local Privilege Escalation
ISS BlackICE and RealSecure Desktop packages contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user resets a help dialog file mask and will permit a user to execute arbitrary code with the system level privileges. This flaw may lead to a loss of confidentiality or integrity.. Read more.
HP-UX swagentd Unspecified DoS
HP-UX contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error in the 'swagentd' daemon occurs, and will result in loss of availability for the service.. Read more.
ADOdb tmssql.php Variable Arbitrary PHP Function Execution
ADOdb contains a flaw that may allow a malicious user to execute arbitrary PHP functions via the do parameter. The issue is triggered due to the insecure "tests/tmssql.php" test script. It is possible that the flaw may result in a loss of integrity.. Read more.
Horde Admin Account Default Null Password
By default, Horde installs with a default password if configuration is started, but aren't completed. The admin account has a blank password which is publicly known and documented. This allows attackers to trivially access the program or system.. Read more.
Microsoft IE mshtml.dll Multiple Script Action Handler Overflow
Remote overflow exists in Microsoft Internet Explorer. The product fails to properly check bounds for handling HTML tags with multiple event handlers resulting in a buffer overflow. With a specially crafted HTML document, an attacker can cause affected web browsers to crash or remote code execution resulting in a loss of integrity, and/or availability.. Read more.
Microsoft IE createTextRange() Function Arbitrary Code Execution
Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered due to a memory corruption error when processing a specially crafted "createTextRange()" call associated with a "checkbox" object. It is possible that the flaw may allow attackers to remotely take complete control of an affected system resulting in a loss of integrity.. Read more.
Microsoft IE Arbitrary HTA File Execution
Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute HTA files (HTML Applications) in the context of targeted users. The issue is triggered when unspecified condition occurs. It is possible that the flaw may allow to execute code and potentially to compromise affected system resulting in a loss of integrity.. Read more.
Linux Kernel ctnetlink ip_conntrack_proto_tcp.c Multiple Function DoS
Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered via a message without ICMP ID (ICMP_ID) information or via an update message without private protocol information, and will result in loss of availability for the platform.. Read more.
mIRC DCC Get Folder Dialog Long String Overflow
A local overflow exists in mIRC. The product fails to check bounds for elements of the locally opened "DCC Get Folder" dialog resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution with the current user privileges resulting in a loss of integrity.. Read more.
Mac OS X BOMArchiveHelper Traversal Arbitrary File Overwrite
Mac OS X contains a flaw that allows an attacker to create archive files which unpack to arbitrary directories which are writable by the current user. The issue is due to the BOM framework not properly sanitizing paths to be written.. Read more.
Vuln: Flex Code Generation Buffer Overflow Vulnerability
Flex Code Generation Buffer Overflow Vulnerability. Read more.
Vuln: Xigla Absolute Live Support XE Multiple HTML Injection Vulnerabilities
Xigla Absolute Live Support XE Multiple HTML Injection Vulnerabilities. Read more.
Vuln: Caloris Planitia Technologies School Management System Cross-Site Scripting Vulnerability
Caloris Planitia Technologies School Management System Cross-Site Scripting Vulnerability
. Read more.
Vuln: Veritas Backup Exec Multiple Remote Denial of Service Vulnerabilities
Veritas Backup Exec Multiple Remote Denial of Service Vulnerabilities. Read more.
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation. Read more.
PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)
PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)
. Read more.
SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons
SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons. Read more.
ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow
ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow. Read more.
