Searching extended software vulnerabilities

Cisco IOS 9.1 and earlier does not properly han

"established" | attackers | properly | extended | keyword | earlier | filters | enabled | access | handle | bypass | could | allow | which | lists | Cisco | route | cache | does | set | IOS | not |

Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.


Buffer overflow in iParty server 1.2 and earlie

attackers | overflow | service | earlier | remote | denial | Buffer | iParty | allows | server | cause |

Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.


The xp_displayparamstmt function in SQL Server

xp_displayparamstmt | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_enumresultset function in SQL Server and

xp_enumresultset | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_showcolv function in SQL Server and Micr

xp_showcolv | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The Extended Control List (ECL) feature of the

Extended | Control | List |

The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.


McAfee WebShield SMTP 4.5 allows remote attacke

characters | attachment | including | attackers | WebShield | filtering | Extended | content | remote | allows | McAfee | bypass | email | ASCII | rules | name | SMTP |

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.


SQLQHit.asp sample file in Microsoft Index Serv

information | attributes | SQLQHitasp | parameter | attackers | sensitive | Microsoft | physical | portions | directly | CiScope | calling | source | Server | sample | allows | obtain | remote | Index | such | file | code | path | set |

SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.


Buffer overflows in extended stored procedures

procedures | Microsoft | overflows | extended | Server | Buffer | stored | SQL |

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.


Cross-site scripting vulnerability in Internet

vulnerability | Cross-site | attackers | arbitrary | scripting | Internet | Extended | cleansed | properly | Explorer | earlier | execute | server | output | script | remote | allows | whose | HTML | Form | via | not |

Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.


Cross-site scripting vulnerability in Opera 6.0

vulnerability | Cross-site | arbitrary | attackers | scripting | Extended | properly | cleansed | earlier | execute | server | output | script | remote | allows | Opera | whose | HTML | Form | via | not |

Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.


Microsoft SQL Server before Windows 2000 SP4 al

Microsoft | Windows | before | Server | SQL |

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.


Heap-based buffer overflow in the SvrAppendRece

SvrAppendReceivedChunk | xlsasinkdll | Heap-based | Exchange | function | overflow | service | Server | buffer | SMTP |

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.


Mac OS X 10.3.9, when using an LDAP server that

Mac |

Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.


Heap-based buffer overflow in rsync in Mac OS X

Heap-based | overflow | buffer | rsync | Mac |

Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.


Buffer overflow in tar 1.14 through 1.15.90 all

overflow | Buffer | tar |

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.


Heap-based buffer overflow in SpIDer for Dr.Web

Heap-based | overflow | Scanner | SpIDer | buffer | Linux | DrWeb |

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.


SQL injection vulnerability in Extended Tracker

vulnerability | injection | Extended | Tracker | SQL |

SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."


Format string vulnerability in Songbird Media P

vulnerability | attackers | Songbird | earlier | service | string | denial | Format | remote | Player | allows | Media | cause |

Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to cause a denial of service (crash) via an M3U Playlist file containing extended ASCII, which causes the Unicode converter to be invoked.


Unspecified vulnerability in Hitachi TP1/NET/OS

TP1/NET/OSI-TP-Extended | vulnerability | Unspecified | HI-UX/WE2 | Hitachi | before |

Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before Tuesday, February 13, 2007, and on HP-UX before Wednesday, March 14, 2007, allows remote attackers to cause a denial of service via certain data to a port.


Software vulnerabilities results 1 to 20 of 52     
Page: 123