[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15162 Download | Alert*

The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.

The host is installed with Microsoft Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) or Active Directory Services and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle a crafted query. Successful exploitation could allow attackers to cause memory consumption and service o ...

The host is installed with Microsoft Publisher 2003 and is prone to negative value allocation vulnerability. A flaw is present in the application, which fails to properly validate an array size while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to corrupt interface pointer vulnerability. A flaw is present in the application, which incorrectly uses a corrupted pointer while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to return value validation vulnerability. A flaw is present in the application, which fails to properly validate a returned value type while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003, 2007 or 2010 and is prone to pointer handling vulnerability. A flaw is present in the application, which fails to properly validate a pointer while handling specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to buffer overflow vulnerability. A flaw is present in the application, which allows a negative number to be passed into a byte array insertion while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Symantec AntiVirus Corporate Edition (SAVCE) or Symantec System Center (SSC) or Symantec Quarantine Server and is prone to a remote code execution vulnerability. A flaw is present in the Intel Alert Management System, which fails to validate input passed to msgsys.exe a UNC share pathname which is directly used in a function call. Successful exploitation could allow an a ...

The host is installed with Apple Safari before 4.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which misinterprets downloaded image files as local HTML documents in unspecified circumstances. Successful exploitation could allow attackers to execute arbitrary JavaScript code by placing it in an image file.


Pages:      Start    1434    1435    1436    1437    1438    1439    1440    1441    1442    1443    1444    1445    1446    1447    ..   1516

© SecPod Technologies