normally software vulnerabilities
vulnerabilities.aspcode.net
Searching normally software vulnerabilities
Control Panel "Password Security" option for Ap
inaccessible
|
aaaaaaaAPWD
|
Powerbooks
|
emergency
|
attackers
|
Security"
|
"Password
|
physical
|
password
|
normally
|
security
|
booting
|
startup
|
machine
|
Control
|
on/off
|
modify
|
option
|
toggle
|
editor
|
access
|
bypass
|
allows
|
Panel
|
which
|
Apple
|
using
|
disk
|
file
|
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible.
The rendering engine in Internet Explorer deter
independently
|
automatically
|
determines
|
scripting
|
specified
|
rendering
|
normally
|
Explorer
|
Internet
|
servers
|
support
|
execute
|
server
|
script
|
placed
|
remote
|
allows
|
engine
|
whose
|
which
|
MIME
|
text
|
such
|
does
|
file
|
type
|
not
|
The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc.
The shared memory scoreboard in the HTTP daemon
scoreboard
|
daemon
|
Apache
|
before
|
memory
|
shared
|
HTTP
|
13x
|
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Buffer overflow in htdigest in Apache 1.3.26 an
htdigest
|
overflow
|
Apache
|
Buffer
|
Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
Adobe Reader 6.0 does not properly handle null
characters
|
components
|
triggering
|
splitting
|
arbitrary
|
attackers
|
extension
|
properly
|
overflow
|
filename
|
normally
|
handled
|
execute
|
remote
|
buffer
|
Reader
|
handle
|
allows
|
which
|
Adobe
|
null
|
does
|
long
|
path
|
code
|
file
|
into
|
via
|
not
|
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
A design error in the IEEE1394 specification al
specification
|
FireWire/IEEE
|
sensitive
|
attackers
|
physical
|
IEEE1394
|
modified
|
memory
|
device
|
allows
|
design
|
access
|
error
|
using
|
write
|
read
|
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other means, e.g. through Smarty templates, then this issue would not give any additional privileges, and thus would not be considered a vulnerability.
Stack-based buffer overflow in pads.c in Passiv
Stack-based
|
Detection
|
overflow
|
Passive
|
buffer
|
System
|
padsc
|
Asset
|
Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability.
BugPort before 1.099 stores its configuration f
BugPort
|
before
|
BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information.
Buffer overflow in XBoard 4.2.7 and earlier mig
overflow
|
XBoard
|
Buffer
|
Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
Buffer overflow in htdigest in Apache 2.0.52 ma
htdigest
|
overflow
|
Apache
|
Buffer
|
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
The browser user interface in Firefox before 1.
interface
|
Firefox
|
browser
|
before
|
user
|
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.
Multiple interpretation error in ArcaVir 2005 p
interpretation
|
Multiple
|
ArcaVir
|
error
|
Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
verify.php in FlatNuke 2.5.6 allows remote auth
verifyphp
|
FlatNuke
|
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability.
Buffer overflow in Electric Sheep 2.6.3 client
Electric
|
overflow
|
Buffer
|
Sheep
|
Buffer overflow in Electric Sheep 2.6.3 client allows local users to execute arbitrary code via a long window-id parameter. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
Format string vulnerability in /bin/ftp in UNIC
vulnerability
|
/bin/ftp
|
UNICOS
|
string
|
Format
|
Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allo
SquirrelMail
|
webmailphp
|
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS.
Untrusted search path vulnerability in opcontro
vulnerability
|
opcontrol
|
Untrusted
|
OProfile
|
search
|
path
|
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing opcontrol using sudo. In such a context, this is a vulnerability.
3Com Switch SS3 4400 switches, firmware 5.11, 6
Switch
|
3Com
|
SS3
|
3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned.
Pi3Web Web Server 2.0.3 PL1 allows remote attac
Server
|
Pi3Web
|
Web
|
Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally."
Software vulnerabilities results 1 to 20 of 52
Page:
1
2
3
►