inconsistent software vulnerabilities
vulnerabilities.aspcode.net
Searching inconsistent software vulnerabilities
Cisco 6000, 6500, and 7600 series systems with
Cisco
|
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
Cross-site scripting (XSS) vulnerability in Pho
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch.
webadmin-apache.conf in Novell Web Manager of N
webadmin-apacheconf
|
inconsistent
|
uppercase
|
lowercase
|
attackers
|
directory
|
NetWare
|
Manager
|
control
|
WEB-INF
|
allows
|
remote
|
Novell
|
bypass
|
folder
|
access
|
volume
|
Alias
|
which
|
uses
|
Web
|
tag
|
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
The atm module in Linux kernel 2.6 before 2.6.1
kernel
|
module
|
before
|
Linux
|
atm
|
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.
Race condition in the do_add_counters function
do_add_counters
|
condition
|
netfilter
|
function
|
kernel
|
Linux
|
Race
|
Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE.
Microsoft Windows Graphics Rendering Engine (GR
Rendering
|
Microsoft
|
Graphics
|
Windows
|
Engine
|
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
The XClientMessageEvent struct used in certain
XClientMessageEvent
|
components
|
certain
|
struct
|
XOrg
|
used
|
The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks.
GUI display truncation vulnerability in Mozilla
vulnerability
|
Thunderbird
|
truncation
|
Mozilla
|
display
|
GUI
|
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment.
The Linux kernel before 2.6.16.9 and the FreeBS
before
|
kernel
|
Linux
|
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processers in a security-relevant fashion that was not addressed by the kernels.
chpst in runit 1.3.3-1 for Debian GNU/Linux, wh
inconsistent
|
permissions
|
GNU/Linux
|
specified
|
dietlibc
|
machines
|
properly
|
multiple
|
compiled
|
against
|
causes
|
handle
|
groups
|
assign
|
option
|
endian
|
little
|
Debian
|
gid_t
|
runit
|
group
|
chpst
|
sizes
|
which
|
133-1
|
does
|
type
|
i386
|
root
|
not
|
bit
|
due
|
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gid_t type.
MSO.DLL in Microsoft Office 2000, Office XP (20
Microsoft
|
Office
|
MSODLL
|
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw document, which triggers an access violation in excel.exe; (3) a Word document, which triggers an access violation in mso.dll in winword.exe; and (4) a PowerPoint document, which triggers an access violation in powerpnt.txt. NOTE: after the initial disclosure, this issue was demonstrated by triggering an integer overflow using an inconsistent size for a Unicode "Sheet Name" string.
SCTP in Linux kernel before 2.6.16.17 allows re
kernel
|
before
|
Linux
|
SCTP
|
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
Bitrix Site Manager 4.1.x allows remote attacke
attackers
|
back_url
|
redirect
|
modified
|
websites
|
request
|
Manager
|
during
|
Bitrix
|
remote
|
allows
|
users
|
other
|
HTTP
|
POST
|
Site
|
via
|
41x
|
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified back_url during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term.
The decode_stringmap function in server_transpo
server_transportcpp
|
decode_stringmap
|
function
|
UFO2000
|
svn
|
The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a keysize or valsize that is inconsistent with the packet size, which leads to a buffer over-read.
Kaspersky Anti-Hacker 1.8.180, when Stealth Mod
Anti-Hacker
|
Kaspersky
|
Kaspersky Anti-Hacker 1.8.180, when Stealth Mode is enabled, allows remote attackers to obtain responses to ICMP (1) timestamp and (2) netmask requests, which is inconsistent with the documented behavior of Stealth Mode.
Stack-based buffer overflow in the ReadFile fun
ZOO-processing
|
Stack-based
|
Compression
|
overflow
|
function
|
ReadFile
|
BeCubed
|
exports
|
before
|
buffer
|
Plus
|
Stack-based buffer overflow in the ReadFile function in the ZOO-processing exports in the BeCubed Compression Plus before 5.0.1.28, as used in products including (1) Tumbleweed EMF, (2) VCOM/Ontrack PowerDesk Pro, (3) Canyon Drag and Zip, (4) Canyon Power File, and (5) Canyon Power File Gold, allow context-dependent attackers to execute arbitrary code via an inconsistent size parameter in a ZOO file header.
Heap-based buffer overflow in the MCRegEx__Sear
MCRegEx__Search
|
Heap-based
|
function
|
overflow
|
buffer
|
2003b
|
Build
|
Pro
|
AOL
|
ICQ
|
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
The cgi.rb CGI library for Ruby 1.8 allows remo
attackers
|
library
|
service
|
remote
|
denial
|
allows
|
cgirb
|
cause
|
Ruby
|
CGI
|
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID.
The 64-bit versions of Microsoft Visual C++ 8.0
Microsoft
|
standard
|
versions
|
library
|
64-bit
|
Visual
|
C++
|
The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.
Software vulnerabilities results 1 to 20 of 20
Page:
1
2
►