Searching method software vulnerabilities

The default encryption method of PcAnywhere 9.x

PcAnywhere | encryption | attackers | accounts | decrypt | default | remote | method | domain | allows | sniff | which | uses | weak |

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.


upgrade.php3 in Phorum 3.0.7 could allow remote

upgradephp3 | Phorum |

upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.


Digital Creations Zope 2.3.1 b1 and earlier con

Creations | Digital | Zope |

Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet.


Microsoft Office Web Components (OWC) 2000 and

Components | Microsoft | Office | Web |

Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.


The loadClass method of the sun.applet.AppletCl

sunappletAppletClassLoader | loadClass | Virtual | Machine | method | class | Java |

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.


Safari in Mac OS X before 10.3.5, after sending

before | Safari | Mac |

Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.


The SimpleXMLRPCServer library module in Python

SimpleXMLRPCServer | library | before | Python | module |

The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.


The InstallTrigger.install method in Firefox be

InstallTriggerinstall | Firefox | before | method |

The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation.


The ActiveX control for NateOn Messenger (Nateo

Messenger | control | ActiveX | NateOn |

The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method.


Panda ActiveScan 5.53.00, and other versions be

ActiveScan | Panda |

Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.


Acer Notebook LunchApp.APlunch ActiveX control

LunchAppAPlunch | attackers | arbitrary | Notebook | commands | execute | ActiveX | control | calling | method | allows | remote | Acer | Run |

Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.


The Method method in WikkaWiki (Wikka Wiki) bef

WikkaWiki | Method |

The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files.


The DWUpdateService ActiveX control in the agen

DWUpdateService | control | ActiveX | agent |

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.


Multiple buffer overflows in an ActiveX control

overflows | Multiple | control | ActiveX | buffer |

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.


The TEC-IT TBarCode OCX ActiveX control (TBarCo

TBarCode | ActiveX | control | TEC-IT | OCX |

The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 allows remote attackers to overwrite arbitrary files via the SaveImage method.


Absolute path traversal vulnerability in the Ch

ChilkatZip2dll | vulnerability | traversal | Software | Absolute | ActiveX | control | Chilkat | path | Zip |

Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveLastError method and probably the (2) WriteExe method.


The Data Dynamics ActiveBar ActiveX control (ac

ActiveBar | Dynamics | ActiveX | control | Data |

The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.1 and earlier allows remote attackers to create or overwrite files via a full pathname in (1) the second argument to the Save method, or the first argument to the (2) SaveLayoutChanges or (3) SaveMenuUsageData method.


Multiple heap-based buffer overflows in GlobalL

GlobalLink | heap-based | overflows | Multiple | buffer |

Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.


Absolute directory traversal vulnerability in a

vulnerability | traversal | directory | Absolute | Support | Library | control | certain | ActiveX | VSI |

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.


Multiple buffer overflows in a certain ActiveX

CryptoXdll | arbitrary | Component | attackers | overflows | Multiple | execute | earlier | ActiveX | certain | control | buffer | remote | Crypto | Ultra | allow | code | via |

Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.


Software vulnerabilities results 1 to 20 of 260     
Page: 12345...14