[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

251139

 
 

909

 
 

196159

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26632 Download | Alert*

PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilit ...

Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."

Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.

Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.

Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."

The host is installed with IBM Tivoli Endpoint Manager (TEM) 8.0 before 8.2.1372 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly sanitize user-supplied input. Successful exploitation allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

The host is installed with Microsoft Infopath 2010, SharePoint Server 2010, SharePoint Foundation 2010, Office Web Apps 2010 or Groove Server 2010 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which is caused by the way that HTML strings are sanitized. Successful exploitation allows attackers to perform cross-site scripting attacks on affected systems ...

The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to properly handle "\\" when specifying a configuration file directory. Successful exploitation could allow an attacker to specify an arbitrary configuration file located on an SMB share.

The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to avoid accepting a configdir parameter in the URL. Successful exploitation could allow remote attackers to execute arbitrary commands.

The host is installed with Microsoft Publisher 2003 and is prone to incorrect NULL value handling vulnerability. A flaw is present in the application, which fails to properly handle NULL values while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.


Pages:      Start    2624    2625    2626    2627    2628    2629    2630    2631    2632    2633    2634    2635    2636    2637    ..   2663

© SecPod Technologies