Searching originally software vulnerabilities

Variant of the "IIS Cross-Site Scripting" vulne

vulnerability | Scripting" | originally | Cross-Site | discussed | Variant | "IIS |

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.


Directory traversal vulnerability in Simple Ser

vulnerability | Directory | traversal | Server | Simple | HTTPd |

Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.


tac_plus Tacacs+ daemon F4.0.4.alpha, originall

world-readable | permissions | originally | maintained | accounting | sensitive | directive | F404alpha | writable | tac_plus | Tacacs+ | creates | allows | access | modify | daemon | files | Cisco | which | local | users |

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.


The design of the Internet Key Exchange (IKE) p

Exchange | Internet | design | Key |

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.


HelpViewer in Mac OS X 10.3.3 and 10.2.8 proces

HelpViewer | Mac |

HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.


The e1000 driver for Linux kernel 2.4.26 and ea

kernel | driver | e1000 | Linux |

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.


Linux kernel 2.4.x and 2.6.x for x86 allows loc

service | allows | denial | kernel | users | cause | Linux | local | 26x | x86 | 24x |

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.


Buffer overflow in LHA allows remote attackers

CVE-2004-0771 | demonstrated | exploitable | originally | arbitrary | pathnames | different | attackers | overflow | headerc | headers | through | archive | execute | allows | option | remote | Buffer | format | LHarc | fixed | issue | using | than | long | code | also | LHA | LHZ | via | "l" | but | "x" | "v" |

Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.


Heap-based buffer overflow in Internet Explorer

Heap-based | attackers | arbitrary | Explorer | overflow | Internet | execute | buffer | allows | remote | long | code | via |

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."


Firefox before 1.0 and Mozilla before 1.7.5 all

Mozilla | Firefox | before |

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.


rufsi.dll in Symantec Virus Detection allows re

attackers | Detection | rufsidll | Symantec | service | denial | allows | remote | Virus | cause |

rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, although a crash is acknowledged.


Buffer overflow in the spa_base64_to_bits funct

spa_base64_to_bits | function | overflow | before | Buffer | Exim |

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.


Symantec AntiVirus 9 Corporate Edition allows l

re-introduction | vulnerability | CVE-2002-1540 | originally | privileges | identified | AntiVirus | Corporate | addressed | viruses" | launches | Symantec | Edition | window | raised | allows | option | local | which | "Scan | users | help | gain | via |

Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540.


Cross-site scripting (XSS) vulnerability in per

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged.


Multiple SQL injection vulnerabilities in show.

vulnerabilities | injection | arbitrary | attackers | commands | BirthSys | variable | Multiple | execute | showphp | $month | remote | allow | SQL | via |

Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 allow remote attackers to execute arbitrary SQL commands via the $month variable. NOTE: a vector regarding the $date parameter and data.php (date.php) was originally reported, but this appears to be in error.


Cross-site scripting (XSS) vulnerability in qto

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php.


Unspecified vulnerability in the NCPENGINE in N

vulnerability | Unspecified | eDirectory | NCPENGINE | Novell |

Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan.


Rigter Portal System (RPS) 1.0, 2.0, and 3.0 al

System | Portal | Rigter |

Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to add arbitrary content and conduct XSS attacks via a direct request to add_art.php. NOTE: this issue was originally reported as SQL injection, but this is not likely.


Buffer overflow in kern/uipc_mbuf2.c in OpenBSD

kern/uipc_mbuf2c | fragmented | "incorrect | attackers | arbitrary | packets" | overflow | handling | packets | OpenBSD | execute | Buffer | allows | remote | ICMP6 | mbuf | code | IPv6 | due | via |

Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.


GlowWorm FW before 1.5.3b4 allows remote attack

attackers | GlowWorm | service | denial | remote | before | allows | 153b4 | cause |

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses.


Software vulnerabilities results 1 to 20 of 93     
Page: 12345