operators software vulnerabilities
vulnerabilities.aspcode.net
Searching operators software vulnerabilities
Internet Explorer 4 allows remote attackers (ma
attackers
|
Explorer
|
Internet
|
remote
|
allows
|
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
WircSrv IRC Server 5.07s allows IRC operators t
importmotd
|
operators
|
arbitrary
|
command
|
WircSrv
|
Message
|
allows
|
Server
|
which
|
files
|
507s
|
sets
|
read
|
Day
|
IRC
|
via
|
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file.
The ixsso.query ActiveX Object is marked as saf
determines
|
ixssoquery
|
operators
|
scripting
|
malicious
|
existence
|
visiting
|
remotely
|
Windows
|
ActiveX
|
script
|
marked
|
Object
|
allows
|
files
|
which
|
embed
|
safe
|
site
|
web
|
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
The Extended Control List (ECL) feature of the
Extended
|
Control
|
List
|
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
Internet Explorer 5.5 and earlier does not prop
vulnerability
|
Verification"
|
information
|
operators
|
different
|
Explorer
|
Internet
|
properly
|
browser
|
certain
|
earlier
|
variant
|
sending
|
"Frame
|
client
|
within
|
window
|
verify
|
domain
|
allows
|
remote
|
frame
|
local
|
which
|
files
|
does
|
read
|
site
|
not
|
web
|
aka
|
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability.
Internet Explorer 5.5 and earlier does not prop
MSScriptControlScriptControl
|
vulnerability
|
Verification"
|
information
|
operators
|
different
|
GetObject
|
Explorer
|
Internet
|
properly
|
certain
|
variant
|
earlier
|
sending
|
browser
|
client
|
within
|
window
|
verify
|
domain
|
allows
|
remote
|
"Frame
|
using
|
local
|
files
|
which
|
frame
|
site
|
does
|
read
|
not
|
aka
|
web
|
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
Microsoft Internet Explorer 6.0 and earlier all
malicious
|
operators
|
Microsoft
|
Internet
|
Explorer
|
service
|
website
|
earlier
|
denial
|
allows
|
cause
|
Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location.
BEA WebLogic Server and Express, when using Nod
NodeManager
|
privileges
|
Operators
|
overwrite
|
passwords
|
usernames
|
provides
|
Operator
|
WebLogic
|
Express
|
servers
|
Server
|
Admin
|
which
|
allow
|
start
|
using
|
users
|
gain
|
BEA
|
may
|
BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.
mod_channel in The Ignition Project ignitionSer
ignitionServer
|
mod_channel
|
Ignition
|
Project
|
mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allows IRC users to cause a denial of service.
ircu 2.10.12.01 allows remote attackers to (1)
ircu
|
ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a "J 0:#channel" message on a channel without an apass; and (3) allows remote authenticated operators to cause a denial of service (daemon crash) via a remote "names -D" command.
ircu 2.10.12.05 and earlier does not properly s
ircu
|
ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops.
Software vulnerabilities results 1 to 12 of 12
Page:
1