media software vulnerabilities
vulnerabilities.aspcode.net
Searching media software vulnerabilities
A Windows NT system does not restrict access to
removable
|
restrict
|
Windows
|
floppy
|
drives
|
access
|
system
|
CDROM
|
drive
|
media
|
does
|
disk
|
such
|
not
|
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
Windows Media Player ActiveX object as used in
existence
|
determine
|
malicious
|
Internet
|
Explorer
|
specific
|
returns
|
ActiveX
|
Windows
|
Player
|
allows
|
remote
|
object
|
client
|
which
|
error
|
Media
|
files
|
exist
|
sites
|
file
|
code
|
used
|
does
|
web
|
not
|
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
Real Media RealServer (rmserver) 6.0.3.353 stor
RealServer
|
Media
|
Real
|
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
join.cfm in e-Zone Media Fuse Talk allows a loc
semi-colon
|
arbitrary
|
execute
|
joincfm
|
allows
|
e-Zone
|
local
|
Media
|
code
|
Fuse
|
user
|
Talk
|
via
|
SQL
|
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.
Buffer overflow in admintool in Solaris 2.6, 7,
installation
|
privileges
|
admintool
|
overflow
|
Solaris
|
Buffer
|
allows
|
media
|
local
|
users
|
path
|
long
|
gain
|
root
|
via
|
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
Directory traversal vulnerability in Microsoft
vulnerability
|
hex-encoded
|
characters
|
containing
|
Directory
|
arbitrary
|
attackers
|
Microsoft
|
backslash
|
traversal
|
execute
|
Windows
|
Player
|
allows
|
remote
|
Media
|
skins
|
code
|
file
|
URL
|
via
|
Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.
A certain Microsoft Windows Media Player 9 Seri
manipulate
|
attackers
|
Microsoft
|
ActiveX
|
control
|
Library
|
Windows
|
certain
|
script
|
system
|
Series
|
Player
|
allows
|
remote
|
Media
|
local
|
HTML
|
view
|
via
|
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.
Buffer overflow in the streaming media componen
capability
|
component
|
multicast
|
Microsoft
|
streaming
|
requests
|
overflow
|
Services
|
Windows
|
logging
|
Buffer
|
media
|
ISAPI
|
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
Microsoft Outlook 2003 allows remote attackers
Microsoft
|
Outlook
|
Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.
Keene Digital Media Server 1.0.2 allows local u
Digital
|
Server
|
Media
|
Keene
|
Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system.
SQL injection vulnerability in index.php for zO
vulnerability
|
injection
|
indexphp
|
Gallery
|
Media
|
zOOm
|
SQL
|
SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Unknown vulnerability in "the function used to
vulnerability
|
Serendipity
|
path-names
|
uploading
|
function
|
validate
|
Unknown
|
impact
|
before
|
media"
|
used
|
"the
|
has
|
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
The media manager in Serendipity before 0.8 all
Serendipity
|
arbitrary
|
attackers
|
execute
|
manager
|
upload
|
before
|
allows
|
remote
|
media
|
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
Windows Media Player 9 and 10, in certain cases
Management
|
protected
|
Digital
|
content
|
Windows
|
certain
|
Rights
|
Player
|
allows
|
Media
|
cases
|
Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled.
Unknown vulnerability in Serendipity 0.8, when
vulnerability
|
unprivileged
|
Serendipity
|
arbitrary
|
multiple
|
authors
|
Unknown
|
upload
|
allows
|
files
|
media
|
used
|
Unknown vulnerability in Serendipity 0.8, when used with multiple authors, allows unprivileged authors to upload arbitrary media files.
Unspecified vulnerability in Joomla! before 1.0
vulnerability
|
Unspecified
|
before
|
Joomla
|
Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions."
Buffer overflow in the plug-in for Microsoft Wi
Microsoft
|
overflow
|
Windows
|
plug-in
|
Player
|
Buffer
|
Media
|
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.
Heap-based buffer overflow in the bitmap proces
processing
|
Heap-based
|
Microsoft
|
overflow
|
Windows
|
routine
|
Player
|
buffer
|
bitmap
|
Media
|
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
Buffer overflow in the Windows Media Format Run
Microsoft
|
overflow
|
Runtime
|
Windows
|
Format
|
Buffer
|
Player
|
Media
|
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
Unspecified vulnerability in Microsoft Windows
vulnerability
|
Unspecified
|
arbitrary
|
attackers
|
Microsoft
|
execute
|
Windows
|
remote
|
Player
|
allows
|
Media
|
skin
|
file
|
code
|
via
|
Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
Software vulnerabilities results 1 to 20 of 121
Page:
1
2
3
4
5
...
7
►