[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15028 Download | Alert*

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".

The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."

The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation could allow attackers to execute arbitrary code.

The host is installed with Microsoft Internet Explorer 6 through 10 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted web site that triggers access to a deleted object. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to signed integer vulnerability. A flaw is present in the application, which fails to expect a signed value when allocating memory while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Windows XP or Windows server 2003 and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused by an integer overflow condition. Successful exploitation allows remote attacker to execute code in the context of the system account.

The host is installed with HP OpenView Storage Data Protector and is prone to a denial of service of service vulnerability. A flaw is present in the application, as it fails to handle a request containing crafted parameters. Successful exploitation could allow remote attacker to cause a denial of service (daemon exit).

The host is installed with Novell File Reporter 1.0.4.2 or earlier and is prone to arbitrary files deletion vulnerability. A flaw is present in the application which is caused due to an error in the NFR Agent (NFRAgent.exe) when handling "OPERATION " and "CMD" commands in the "SRS" tag. Successful exploitation allows remote attacker to delete arbitrary files.

The host is installed with Apple Safari before 3.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted download filename. Successful exploitation allows remote attackers to crash the service or execute arbitrary code.


Pages:      Start    1442    1443    1444    1445    1446    1447    1448    1449    1450    1451    1452    1453    1454    1455    ..   1502

© SecPod Technologies