Searching loaded software vulnerabilities

Internet Explorer 5.5 and 6.0 allows remote att

vulnerability | potentially | information | sensitive | attackers | Internet | contains | Explorer | executed | Cookies" | "Script | Reading | cookies | within | loaded | cookie | remote | allows | script | steal | which | page | aka | via |

Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.


Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.

Assistant | Trolltech |

Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service.


RealOne player allows remote attackers to execu

demonstrated | presentation | references | previously | arbitrary | scripting | attackers | Computer" | executed | security | protocol | RealOne | execute | context | script | remote | allows | player | loaded | using | which | zone | SMIL | "My | URL | via |

RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.


The loadClass method of the sun.applet.AppletCl

sunappletAppletClassLoader | loadClass | Virtual | Machine | method | class | Java |

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.


vos24u.c in SAP database server (SAP DB) 7.4.03

database | vos24uc | server | SAP |

vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.


chatbox.php in e107 0.554 and 0.603 allows remo

chatboxphp | e107 |

chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.


The CFPlugIn in Core Foundation framework in Ma

Foundation | privileges | libraries | framework | supplied | CFPlugIn | loaded | allows | allow | users | local | could | which | gain | user | Core | Mac |

The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges.


The POSIX Capability Linux Security Module (LSM

Capability | Security | Module | POSIX | Linux |

The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.


PHP remote file inclusion vulnerability in main

vulnerability | demonstrated | arbitrary | attackers | reference | parameter | modifying | KorWeblog | inclusion | indexphp | contains | maininc | 162-cvs | earlier | execute | remote | server | G_PATH | allows | using | file | code | web | URL | PHP |

PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in index.php when using .. (dot dot) sequences in the lng parameter to cause main.inc to be loaded.


RealOne player 6.0.11.868 allows remote attacke

RealOne | player |

RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.


Unknown vulnerability in Novell GroupWise and G

vulnerability | GWAPACHECONF | directories | attackers | WebAccess | GroupWise | NetWare | through | Unknown | running | remote | allows | Server | Apache | Novell | loaded | using | files | read | Web |

Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.


A race condition in Opera web browser 7.53 Buil

condition | browser | Opera | race | web |

A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.


Firefox before 1.0 and Mozilla before 1.7.5 dis

Mozilla | Firefox | before |

Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.


QDBM before 1.8.33-r2 allows local users in the

privileges | directory | temporary | increase | allowing | 1833-r2 | runtime | objects | portage | object | loaded | search | allows | before | shared | users | local | added | group | build | which | QDBM | path | via |

QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


GDAL before 1.3.0-r1 allows local users in the

privileges | directory | temporary | increase | allowing | runtime | portage | objects | object | search | loaded | shared | allows | 130-r1 | before | added | local | build | group | which | users | GDAL | path | via |

GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


ImageMagick before 6.2.4.2-r1 allows local user

ImageMagick | privileges | directory | temporary | increase | allowing | 6242-r1 | runtime | objects | portage | search | loaded | object | allows | before | shared | users | local | group | which | build | added | path | via |

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


Unspecified vulnerability in PEAR installer 1.4

vulnerability | Unspecified | installer | PEAR |

Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.


CRE Loaded 6.15 allows remote attackers to perf

Loaded | CRE |

CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. NOTE: the vendor states "The initial announcement of this risk was made on our website... and it included a patch which will close the vulnerability on all known 6.0x and 6.1x releases. We strongly encourage users of CRE Loaded 6.x, osCMax, and other users of osCommerce who have installed HTMLArea based WYSIWYG editors and Admin Access with Levels to modify thier installations at the earliest possible moment."


The CheckLoadURI function in Mozilla Firefox 1.

CheckLoadURI | function | Firefox | Mozilla | lists |

The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.


Unspecified vulnerability in Apple Safari allow

vulnerability | information | Unspecified | sensitive | obtain | allows | Safari | Apple | local | users |

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.


Software vulnerabilities results 1 to 20 of 34     
Page: 12