objects software vulnerabilities
vulnerabilities.aspcode.net
Searching objects software vulnerabilities
The installation of Novell Netware NDS 5.99 pro
installation
|
Netware
|
Novell
|
NDS
|
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
Microsoft Internet Explorer 5.01, 5.5 and 6.0 t
Microsoft
|
Explorer
|
Internet
|
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
Net-SNMP before 5.0.9 allows a user or communit
Net-SNMP
|
before
|
Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.
Business Objects WebIntelligence 2.7.0 through
WebIntelligence
|
Business
|
Objects
|
Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client.
Unknown vulnerability in ColdFusion MX 6.0 and
vulnerability
|
ColdFusion
|
attackers
|
argument
|
expects
|
objects
|
service
|
Unknown
|
allows
|
remote
|
denial
|
array
|
cause
|
JRun
|
SOAP
|
web
|
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
Unknown vulnerability in Sun Java System Applic
vulnerability
|
Application
|
attackers
|
argument
|
service
|
earlier
|
expects
|
objects
|
Unknown
|
System
|
denial
|
allows
|
remote
|
Update
|
Server
|
array
|
cause
|
Java
|
SOAP
|
Sun
|
web
|
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
Microsoft Windows Internet Explorer 5.5 and 6.0
attackers
|
arbitrary
|
Microsoft
|
Internet
|
shortcut
|
embedded
|
Explorer
|
objects
|
execute
|
Windows
|
script
|
Helper
|
allows
|
remote
|
Shell
|
code
|
uses
|
via
|
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
The publisher handler for mod_python 2.7.8 and
mod_python
|
publisher
|
handler
|
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
The DIRECTORY objects in Oracle 8i through Orac
information
|
privileges
|
sensitive
|
operating
|
DIRECTORY
|
location
|
specific
|
objects
|
through
|
contain
|
object
|
obtain
|
allows
|
system
|
Oracle
|
which
|
users
|
read
|
10g
|
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.
Unknown vulnerability in Groove Virtual Office
vulnerability
|
Virtual
|
Unknown
|
before
|
Office
|
Groove
|
build
|
Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects.
Firefox before 1.0.5 and Mozilla before 1.7.9 d
Firefox
|
before
|
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
Polygen before 1.0.6 generates precompiled gram
Polygen
|
before
|
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service (disk consumption) and possibly perform other unauthorized activities.
Firefox before 1.0.7 and Mozilla Suite before 1
Firefox
|
before
|
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
Py2Play allows remote attackers to execute arbi
attackers
|
arbitrary
|
unpickles
|
executes
|
objects
|
pickled
|
execute
|
Py2Play
|
remote
|
allows
|
Python
|
which
|
code
|
via
|
Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes.
Tofu 0.2 allows remote attackers to execute arb
attackers
|
arbitrary
|
unpickles
|
executes
|
pickled
|
crafted
|
execute
|
objects
|
Python
|
allows
|
remote
|
which
|
Tofu
|
code
|
via
|
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
Race condition in Microsoft Internet Explorer a
drag-and-drop
|
user-assisted
|
re-focusing
|
predicting
|
performing
|
overwrite
|
malicious
|
arbitrary
|
Microsoft
|
condition
|
attackers
|
Internet
|
tricking
|
possibly
|
Explorer
|
objects
|
certain
|
execute
|
window
|
within
|
folder
|
allows
|
action
|
files
|
drag
|
then
|
view
|
user
|
code
|
Race
|
file
|
such
|
into
|
Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window.
QDBM before 1.8.33-r2 allows local users in the
privileges
|
directory
|
temporary
|
increase
|
allowing
|
1833-r2
|
runtime
|
objects
|
portage
|
object
|
loaded
|
search
|
allows
|
before
|
shared
|
users
|
local
|
added
|
group
|
build
|
which
|
QDBM
|
path
|
via
|
QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
GDAL before 1.3.0-r1 allows local users in the
privileges
|
directory
|
temporary
|
increase
|
allowing
|
runtime
|
portage
|
objects
|
object
|
search
|
loaded
|
shared
|
allows
|
130-r1
|
before
|
added
|
local
|
build
|
group
|
which
|
users
|
GDAL
|
path
|
via
|
GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
KarjaSoft Sami HTTP Server 2.0.1 allows remote
KarjaSoft
|
Server
|
HTTP
|
Sami
|
KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects.
Use-after-free vulnerability in Microsoft Inter
Use-after-free
|
vulnerability
|
Microsoft
|
Explorer
|
Internet
|
Windows
|
Server
|
SP2
|
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
Software vulnerabilities results 1 to 20 of 92
Page:
1
2
3
4
5
►