Search results for "one": software vulnerabilities


Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty.


BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist.


keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.


Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).


Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing one additional character after .html, .htm, .asp, or .inc, such as .aspx files.


Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry key, which allows local users to obtain and decrypt the password.


SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.


one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.


Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt).


Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information.


Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.


Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.


Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.


Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow.


Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.


Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.


Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors.


The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.


OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, because it displays a different response if the user account exists and is configured to use one-time passwords (OTP). This is a similar issue to CVE-2007-2243.


Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7l and 0.9.8d might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738.


Software vulnerabilities results 1 to 20 of 233     