applications software vulnerabilities
vulnerabilities.aspcode.net
Searching applications software vulnerabilities
Denial of service in SMTP applications such as
applications
|
Sendmail
|
attacker
|
service
|
remote
|
Denial
|
SMTP
|
such
|
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
ZAK in Appstation mode allows users to bypass t
applications
|
Appstation
|
starting
|
Explorer
|
allowed
|
policy
|
allows
|
Office
|
bypass
|
apps"
|
users
|
mode
|
"Run
|
only
|
ZAK
|
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
DNSTools CGI applications allow remote attacker
metacharacters
|
applications
|
attackers
|
arbitrary
|
DNSTools
|
commands
|
execute
|
remote
|
shell
|
allow
|
CGI
|
via
|
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
NetInfo Manager for Mac OS X 10.0 through 10.1
Manager
|
NetInfo
|
Mac
|
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.
Citrix NFuse 1.6 may allow remote attackers to
authentication
|
applications
|
applistasp
|
attackers
|
accessing
|
without
|
Citrix
|
remote
|
NFuse
|
allow
|
page
|
list
|
may
|
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.
Multiple buffer overflows in the XView library
applications
|
arbitrary
|
overflows
|
Multiple
|
execute
|
library
|
buffer
|
setuid
|
users
|
XView
|
allow
|
local
|
code
|
use
|
via
|
may
|
Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.
uim before 0.4.5.1 trusts certain environment v
before
|
uim
|
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.
FreeBSD
|
kernel
|
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
Java Web Start in Java 2 Platform Standard Edit
Platform
|
Standard
|
Edition
|
Start
|
Java
|
Web
|
Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.
Multiple "endianness errors" in libgadu in ekg
"endianness
|
attackers
|
Multiple
|
service
|
errors"
|
libgadu
|
remote
|
before
|
denial
|
cause
|
16rc2
|
allow
|
ekg
|
Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.
Multiple unspecified vulnerabilities in Oracle
vulnerabilities
|
Applications
|
unspecified
|
E-Business
|
Multiple
|
Oracle
|
Suite
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Application Object Library; (4) APPS05 and (5) APPS06 in Applications Technology Stack; (6) APPS07 in Applications Utilities; (7) APPS09, (8) APPS10, and (9) APPS11 in HRMS; (10) APPS12 in Mobile Application Foundation; (11) APPS13 in SDP Number Portability; (12) APPS14 in Oracle Service; (13) APPS15 in Service Fulfillment Manage, (14) APPS16 in Universal Work Queue; and (15) APPS20 in Workflow Cartridge.
Unspecified vulnerability in Oracle E-Business
vulnerability
|
Applications
|
Unspecified
|
E-Business
|
Oracle
|
Suite
|
Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS.
Multiple unspecified vulnerabilities in Oracle
vulnerabilities
|
Applications
|
unspecified
|
E-Business
|
Multiple
|
Oracle
|
Suite
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS07 in the (b) Oracle Applications Framework component; (3) APPS08, (4) APPS09, (5) APPS10, and (6) APPS11 in the (c) Oracle Applications Technology Stack component; (7) APPS12 in the (d) Oracle Human Resources component; (8) APPS15 and (9) APPS16 in the (e) Oracle Marketing component; (10) APPS17 in the (f) Marketing Encyclopedia System component; (11) APPS18 in the (g) Oracle Trade Management component; and (12) APPS19 in the (h) Oracle Web Applications Desktop Integration component.
Unspecified vulnerability in BEA WebLogic Serve
vulnerability
|
applications
|
Unspecified
|
untrusted
|
WebLogic
|
identity
|
server's
|
unknown
|
vectors
|
Express
|
attack
|
allows
|
Server
|
obtain
|
SP5
|
SSL
|
BEA
|
via
|
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP5 allows untrusted applications to obtain the server's SSL identity via unknown attack vectors.
Multiple unspecified vulnerabilities in Oracle
vulnerabilities
|
Applications
|
unspecified
|
E-Business
|
11510CU2
|
Multiple
|
unknown
|
vectors
|
impact
|
attack
|
Oracle
|
Vuln#
|
Suite
|
have
|
aka
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS01 for Internet Expenses; (2) APPS02, (3) APPS05, (4) APPS06, (5) APPS07, (6) APPS08, (7) APPS09, and (8) APPS10 for Oracle Application Object Library; (9) APPS11, (10) APPS12, and (11) APPS13 for Oracle Applications Technology Stack; (12) APPS14 for Oracle Call Center Technology; (13) APPS15 for Oracle Common Applications; (14) APPS18 for Oracle Self-Service Web Applications; and (15) APPS19 for Oracle Workflow Cartridge.
Unspecified vulnerability in Oracle Pharmaceuti
Pharmaceutical
|
vulnerability
|
Applications
|
Unspecified
|
Oracle
|
Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 has unknown impact and remote authenticated attack vectors, aka Vuln# PHAR01.
Unspecified vulnerability in the match_rule_equ
match_rule_equal
|
vulnerability
|
bus/signalsc
|
Unspecified
|
function
|
before
|
D-Bus
|
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).
Multiple unspecified vulnerabilities in Oracle
vulnerabilities
|
Applications
|
unspecified
|
E-Business
|
Multiple
|
11510CU2
|
unknown
|
vectors
|
related
|
attack
|
Oracle
|
impact
|
Suite
|
have
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors related to (1) Application Object Library (APPS01), (2) Human Resources (APPS03), (3) Payables (APPS04), (4) Trading Community Architecture (APPS05), and (5) Web Applications Desktop Integrator (APPS06).
Unspecified vulnerability in Oracle E-Business
vulnerability
|
Applications
|
Unspecified
|
E-Business
|
Oracle
|
Suite
|
Unspecified vulnerability in Oracle E-Business Suite and Applications 6.2.3 has unknown impact and attack vectors related to Oracle Exchange, aka APPS02.
Unspecified vulnerability in Oracle E-Business
vulnerability
|
Unspecified
|
E-Business
|
11510CU2
|
unknown
|
vectors
|
remote
|
attack
|
impact
|
Oracle
|
Suite
|
has
|
Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02).
Software vulnerabilities results 1 to 20 of 212
Page:
1
2
3
4
5
...
11
►