[Forgot Password]
Login  Register Subscribe

24547

 
 

132805

 
 

131423

 
 

909

 
 

108504

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 13765 Download | Alert*

The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.

The host is installed with Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Mozilla Thunderbird before 3.0.11 and 3.1.x before 3.1.7, or Mozilla SeaMonkey before 2.0.11 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to validate downloadable fonts before use within an operating system's font implementation. Successful exploitation could ...

The host is installed with Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 or Mozilla SeaMonkey before 2.0.11 and is prone to SSL spoofing vulnerability. A flaw is present in the network or certificate error page handling, which allows opening site to access documents inside the window and inject arbitrary content. Successful exploitation could allow remote attackers to spoof the location ba ...

The host is installed with PHP and is prone to use-after-free vulnerability. A flaw is present in PHP before 5.3.4 which allows a NULL byte injection where anything after a null byte in a string is truncated. Successful exploitation allows an attacker to bypass intended access restrictions by placing a safe file extension after a NULL character.

The host is installed with Opera before 11.01 and is prone to information disclosure vulnerability. A flaw is present in Opera which does not properly handle redirections and HTTP responses. Successful exploitation allows remote web servers to obtain sufficient access to local files and obtain potentially sensitive information from the contents of the files using an unknown response manipulation.

The host is installed with Opera before 11.01 and is prone to information disclosure vulnerability. A flaw is present in Delete Private Data feature in Opera, which fails to delete passwords until the browser is restarted, when "Delete Private Data" is used and an option to "Clear all email account passwords" is selected. Successful exploitation allows physically proximate attackers to access an e ...

The host is installed with Opera before 11.01 and is prone to denial of service vulnerability. A flaw is present in Opera, which fails to properly implement Wireless Application Protocol (WAP) dropdown lists. Successful exploitation allows user-assisted remote attackers to cause application crash using a crafted WAP document.

The host is installed with PHP and is prone to security bypass vulnerability. A flaw is present is in the extract function in PHP before 5.2.15, which overwrites $GLOBALS and $this when using EXTR_OVERWRITE. Successful exploitation allows context-dependent attackers to bypass intended access restrictions by modifying data structures that are not intended to depend on external input.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1376

© SecPod Technologies