Searching block software vulnerabilities

BlackIce Defender 2.1 and earlier, and BlackIce

Defender | BlackIce | earlier | Pro |

BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower.


The IDEA cipher as implemented by SSH1 does not

modification | implemented | redundancy | detection | attackers | changing | message | without | against | protect | allows | remote | cipher | cyclic | modify | check | block | final | which | does | SSH1 | IDEA | its | not |

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.


Outlook Express 6.0, with "Do not allow attachm

attachments | potentially | forwarded | arbitrary | attackers | messages | execute | enabled | Express | Outlook | remote | opened | virus" | allow | which | could | saved | block | email | code | does | not | "Do |

Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.


Netgear RP114 Cable/DSL Web Safe Router Firmwar

Cable/DSL | Firmware | Netgear | Router | RP114 | Safe | Web |

Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.


The "block fragmented IP Packets" option in Sym

fragmented | Personal | Symantec | Firewall | Packets" | Norton | "block | option |

The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).


InfBlocks.java in JCraft JZlib before 0.0.7 all

InfBlocksjava | before | JCraft | JZlib |

InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data.


ypserv NIS server before 2.7 allows remote atta

attackers | service | respond | request | causes | server | ypserv | client | denial | remote | allows | before | cause | which | block | does | TCP | via | not | NIS |

ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.


Privacyware Privatefirewall 3.0 does not block

Privatefirewall | Privacyware | attackers | Traffic" | Internet | identify | services | incoming | certain | running | packets | "Filter | remote | allows | scans | block | modes | which | Xmas | does | Deny | not | via | FIN |

Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans.


Cisco IOS 11.x and 12.0 through 12.2 allows rem

Cisco | 11x | IOS |

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.


Team Factor 1.25 and earlier allows remote atta

Factor | Team |

Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory.


CRLF injection vulnerability in index.php in ph

block_username | vulnerability | phpWebSite | attackers | Splitting | injection | parameter | Response | expected | indexphp | content | attacks | perform | server | modify | remote | module | allows | 093-4 | CRLF | user | HTTP | HTML | via |

CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module.


The (1) modules.php, (2) block-Calendar.php, (3


The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive information via a URL with an invalid argument, which reveals the full path in an error message.


The ext2_make_empty function call in the Linux

ext2_make_empty | function | kernel | before | Linux | call |

The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.


Buffer overflow in the Server Message Block (SM

overflow | Message | Server | Buffer | Block |

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."


Buffer overflow in GO-Global for Windows 3.1.0.

GO-Global | overflow | Windows | Buffer |

Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.


Heap-based buffer overflow in Apple Quicktime b

Heap-based | Quicktime | overflow | before | buffer | Apple |

Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.


Heap-based buffer overflow in WinACE 2.60 allow

Heap-based | overflow | WinACE | buffer |

Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code via a large header block in an ARJ archive.


Buffer overflow in the (1) DWARF (dwarfread.c)

overflow | Buffer |

Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.


Multiple array index errors in the (1) get_intr

Multiple | errors | index | array |

Multiple array index errors in the (1) get_intra_block, (2) get_inter_block_h263, and (3) get_inter_block_mpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted (a) Avi, (b) H.263, or (c) MPEG file.


Heap-based buffer overflow in the flac_buffer_c

flac_buffer_copy | libsndfile | Heap-based | function | overflow | buffer |

Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.


Software vulnerabilities results 1 to 20 of 89     
Page: 12345