[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253650

 
 

909

 
 

197367

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31491 Download | Alert*

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.

The host is installed with Microsoft Visio 2003, 2007 or 2010 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle XML external entities that are resolved within other XML external entity declarations. Successful exploitation allows attackers to read data from a file located on the target system.

The host is installed with IBM Tivoli Directory Server 6.2 before 6.2.0.3-TIV-ITDS-IF0004 and is prone to a security bypass vulnerability. A flaw is present in the Web Administration Tool, which fails to prevent auto completion of passwords in IDSWebApp login page. Successful exploitation could allow an attacker to bypass security and obtain access to an unattended workstation.

The host is installed with Apple Safari before 3.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly mask the password field when reverse conversion is used with the Kotoeri input method. Successful exploitation allows physically proximate attackers to read the password.

The host is installed with Apple Safari before 3.1 and is prone to a secure website spoofing vulnerability. A flaw is present in the application, which fails to properly handle a 502 Bad Gateway error. Successful exploitation allows remote attackers to retrieve arbitrary data.

The host is installed with Apple Safari before 3.2.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Safari RSS feeds. Successful exploitation could allow attackers to obtain passwords, cookies or other sensitive information.

The host is installed with Sun JDK or JRE 6 Update 10 or earlier and is prone to an multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages. Successful exploitation could allow applications to gain privileges.

The host is installed with Sun JDK or JRE 6 Update 10 or earlier, 5.0 Update 16 or earlier or 1.4.2_18 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to crash the service.

The host is installed with Sun JDK or JRE 6 Update 10 or earlier or 5.0 Update 16 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a crafted RSA public key. Successful exploitation could allow attackers to crash the service.


Pages:      Start    3062    3063    3064    3065    3066    3067    3068    3069    3070    3071    3072    3073    3074    3075    ..   3149

© SecPod Technologies