Searching edition software vulnerabilities

Vulnerability in iPlanet Web Server Enterprise

Vulnerability | Enterprise | Edition | iPlanet | Server | Web |

Vulnerability in iPlanet Web Server Enterprise Edition 4.x.


BadBlue Personal Edition v1.02 beta allows remo

executable | attackers | appending | Personal | programs | BadBlue | Edition | source | allows | remote | code | v102 | beta | read | %00 |

BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request.


Directory traversal vulnerability in (1) Deerfi

vulnerability | traversal | Directory |

Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.


Cross-site scripting vulnerability (XSS) in Bad

vulnerability | Cross-site | scripting |

Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.


Integer overflow in DUNZIP32.DLL for Microsoft

DUNZIP32DLL | Microsoft | overflow | Edition | Windows | Integer | Server | 64-bit |

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.


MailEnable Professional Edition before 1.53 and

Professional | MailEnable | Edition | before |

MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.


Buffer overflow in the IMAP service of MailEnab

Professional | MailEnable | overflow | Edition | service | Buffer | IMAP |

Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.


Directory traversal vulnerability in a third-pa

vulnerability | third-party | compression | traversal | Directory | library |

Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.


Buffer overflow in a third-party compression li

third-party | compression | overflow | library | Buffer |

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.


Cross-site scripting (XSS) vulnerability in N-S

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Edition before 5.8.0.38 and Free Edition before 5.8.1.03 allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report.


Multiple SQL injection vulnerabilities in NetCl

vulnerabilities | NetClassifieds | injection | Multiple | Edition | Premium | SQL |

Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition 1.5.1, Standard Edition 1.9.6.3, and Free Edition 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter in (a) ViewCat.php and (b) gallery.php, and the (2) ItemNum parameter in (c) ViewItem.php.


Multiple SQL injection vulnerabilities in phpYe

vulnerabilities | phpYellowTM | injection | Multiple | Edition | Lite | SQL | Pro |

Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and Lite Edition 5.33 allow remote attackers to execute arbitrary SQL commands via the (1) haystack parameter to search_result.php or (2) ckey parameter to print_me.php.


Unspecified vulnerability in Sun Java System Ap

vulnerability | Application | Unspecified | Enterprise | Platform | Edition | Server | System | Java | Sun |

Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.


Unspecified vulnerability in Sun Java System Ap

vulnerability | Application | Unspecified | attackers | Platform | Standard | earlier | Edition | remote | allows | source | obtain | Update | System | Server | 2004Q2 | pages | code | Java | Sun |

Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.


Buffer overflow in the POP 3 (POP3) service in

overflow | Buffer | POP |

Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication.


Webmail in MailEnable Professional Edition befo

Professional | MailEnable | Edition | Webmail | before |

Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails".


Unspecified vulnerability in the POP service in

vulnerability | Unspecified | MailEnable | Standard | Edition | service | before | POP |

Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably a different vulnerability than CVE-2006-1337.


Unspecified vulnerability in a cryptographic fe

cryptographic | vulnerability | Unspecified | MailEnable | Standard | Edition | feature | before |

Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to "weakened authentication security" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear whether this is the same as CVE-2006-1792.


The Citrix EPA ActiveX control (aka the "endpoi

ActiveX | control | Citrix | EPA |

The Citrix EPA ActiveX control (aka the "endpoint checking control" or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system.


Unspecified vulnerability in the client compone

vulnerability | Unspecified | components | Standard | Gateway | Edition | before | client | Citrix | Access |

Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows attackers to execute arbitrary code via unspecified vectors.


Software vulnerabilities results 1 to 20 of 173     
Page: 12345...9