[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 7347 Download | Alert*

The host is installed with ALZip and is prone to buffer-overflow vulnerability. A flaw is present in the application which fails to perform adequate boundary checks on user-supplied data. Successful exploitation allows remote attacker to execute arbitrary code.

The host is installed with Adobe ColdFusion and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application which fails to properly handle unauthorized actions. Successful exploitation allows remote attacker to hijack the authentication

The host is installed with Apache Archiva and is prone to multiple cross-site request forgery (CSRF) vulnerabilities. The flaws are present in the application which is caused by improper validation of user-supplied input. Successful exploitation allows remote attacker to perform certain administrative actions and gain unauthorized access to the affected application.

The host is installed with HP System Management Homepage (SMH) before 7.0 and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to properly validate user-supplied input. Successful exploitation allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."

Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate i ...

Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability."

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability."

Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.


Pages:      Start    628    629    630    631    632    633    634    635    636    637    638    639    640    641    ..   734

© SecPod Technologies