message software vulnerabilities
vulnerabilities.aspcode.net
Searching message software vulnerabilities
When the Microsoft SMTP service attempts to sen
repeatedly
|
redeliver
|
Microsoft
|
receives
|
attempts
|
service
|
causing
|
message
|
quickly
|
server
|
denial
|
error
|
send
|
SMTP
|
code
|
4xx
|
When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service.
A system does not present an appropriate legal
appropriate
|
accessing
|
message
|
present
|
warning
|
system
|
legal
|
user
|
does
|
not
|
A system does not present an appropriate legal message or warning to a user who is accessing it.
The RC4 stream cipher as used by SSH1 allows re
redundancy
|
attackers
|
message's
|
detection
|
messages
|
original
|
without
|
cyclic
|
XORing
|
stream
|
cipher
|
allows
|
modify
|
remote
|
check
|
SSH1
|
used
|
RC4
|
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
The IDEA cipher as implemented by SSH1 does not
modification
|
implemented
|
redundancy
|
detection
|
attackers
|
changing
|
message
|
without
|
against
|
protect
|
allows
|
remote
|
cipher
|
cyclic
|
modify
|
check
|
block
|
final
|
which
|
does
|
SSH1
|
IDEA
|
its
|
not
|
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
The Web Folder component for Internet Explorer
injecting
|
arbitrary
|
temporary
|
referring
|
attackers
|
component
|
location
|
Internet
|
Explorer
|
execute
|
message
|
remote
|
Folder
|
writes
|
allows
|
error
|
known
|
which
|
then
|
file
|
code
|
into
|
via
|
Web
|
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post.
Trend Micro InterScan VirusWall for Windows NT
InterScan
|
VirusWall
|
Windows
|
Trend
|
Micro
|
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message.
SQL injection vulnerability in the "public mess
vulnerability
|
capability
|
injection
|
message"
|
"public
|
SQL
|
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers obtain the administrator password via the c_mid parameter.
Format string vulnerability in smtp.c for smtp.
vulnerability
|
smtpproxy
|
Format
|
string
|
smtpc
|
Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message.
Format string vulnerability in the msg command
vulnerability
|
command
|
Format
|
string
|
msg
|
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
GUI overlay vulnerability in the Java API in Si
vulnerability
|
unauthorized
|
confirmation
|
overlaying
|
malicious
|
attackers
|
cellular
|
messages
|
overlay
|
message
|
Siemens
|
allows
|
phones
|
remote
|
Java
|
send
|
GUI
|
API
|
SMS
|
S55
|
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.
Buffer overflow in the Message Queuing componen
Microsoft
|
component
|
overflow
|
Windows
|
Message
|
Queuing
|
Buffer
|
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
wp-login.php in WordPress 1.5.1.2 and earlier a
wp-loginphp
|
WordPress
|
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
The kernel driver in Prevx Pro 2005 1.0 does no
driver
|
kernel
|
Prevx
|
Pro
|
The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message.
Cisco 7940/7960 Voice over IP (VoIP) phones do
7940/7960
|
Voice
|
Cisco
|
over
|
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
Mail.app in Mail for Apple Mac OS X 10.3.9 and
Mailapp
|
Apple
|
Mail
|
Mac
|
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
Mailman 2.1.4 through 2.1.6 allows remote attac
Mailman
|
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
Cross-site scripting (XSS) vulnerability in Azt
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message.
Cross-site scripting (XSS) vulnerability in gen
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in genmessage.php in Accounting Receiving and Inventory Administration (ARIA) 0.99-6 allows remote attackers to inject arbitrary web script or HTML via the Message Field (message parameter).
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
Software vulnerabilities results 1 to 20 of 1032
Page:
1
2
3
4
5
...
52
►