model software vulnerabilities

Searching model software vulnerabilities

The URLConnection function in MacOS Runtime Jav

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.

Internet Explorer 5.5 and 6.0 allows remote att

Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."

Heap-based buffer overflow in the Distributed C

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.

Microsoft Word 2002, 2000, 97, and 98(J) does n

Microsoft | Word |

Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.

Heap-based buffer overflow in the Distributed C

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.

Microsoft Excel 97, 2000, and 2002 allows remot

Microsoft | Excel |

Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.

Sun Java Runtime Environment (JRE) and SDK 1.4.

Environment | Runtime | Java | Sun |

Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.

Internet Explorer 6 allows remote attackers to

Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog.

The scripts that handle players in Kreed 1.05 a

players | scripts | handle | Kreed |

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game.

Firefox 1.0 does not invoke the Javascript Secu

Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

Cross-site scripting (XSS) vulnerability in Gal

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Cross-site scripting (XSS) vulnerability in php

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Cross-site scripting (XSS) vulnerability in YaP

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Cross-site scripting (XSS) vulnerability in Pho

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Multiple buffer overflows in the receiver funct

Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.

3Com Baseline Switch 2848-SFP Plus Model #3C164

3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attackers to cause a denial of service (unstable operation) via long DHCP packets.

Mozilla Firefox before 1.5.0.7 and SeaMonkey be

Firefox | Mozilla | before |

Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.

The Avaya 4602SW IP Phone (Model 4602D02A) with

4602SW | Phone | Avaya |

The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.

The Avaya 4602 SW IP Phone (Model 4602D02A) wit

Avaya |

The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp).

CA ERwin Data Model Validator (formerly AllFusi

Validator | Model | ERwin | Data |

CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a denial of service (aaplication crash) via a crafted .EXP database file, which triggers a NULL dereference.

Software vulnerabilities results 1 to 20 of 37

Page: 12 ►

model software vulnerabilities

vulnerabilities.aspcode.net

Searching model software vulnerabilities