[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

251139

 
 

909

 
 

196159

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31404 Download | Alert*

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

The host is installed with Apple QuickTime 6.x or 7.x before 7.6.8 and is prone to remote code execution vulnerability. The flaw is present in IPersistPropertyBag2::Read function in QTPlugin.ocx, which fails to properly handle the _Marshaled_pUnk attribute. Successful exploitation allows attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshaling of an untrus ...

The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity.

The host is installed with .NET Framework 4.5 and is prone to authentication bypass vulnerability. A flaw is present in the application, which fails to create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS. Successful exploitation allows attackers to bypass authentication by sending queries to an en ...

The host is installed with IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 and is prone to an information disclosure vulnerability. A flaw is present in the web administration tool, which fails to restrict access to certain log files. Successful exploitation could allow an attacker to disclose sensitive information.

The host is installed with Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10 or Symantec System Center (SSC) 10.x or Symantec Quarantine Server 3.5 or 3.6 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to sanitize user supplied input to 38292 port. Successful exploitation could allow an attacker to execute arbitrary code.

The host is installed with Apple Safari before 3.1 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly handle crafted certificates. Successful exploitation allows remote attackers to spoof trusted SSL certificates.


Pages:      Start    3109    3110    3111    3112    3113    3114    3115    3116    3117    3118    3119    3120    3121    3122    ..   3140

© SecPod Technologies