Searching os 2 software vulnerabilities

Vulnerability in crp in Hewlett Packard Apollo

Vulnerability | privileges | attackers | insecure | through | Hewlett | Packard | remote | system | allows | Domain | Apollo | calls | SR103 | SR10 | gain | root | crp | via |

Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().


NetInfo Manager for Mac OS X 10.0 through 10.1

Manager | NetInfo | Mac |

NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.


Argument injection vulnerability in the SSH URI

vulnerability | injection | Argument | handler | Safari | Mac | SSH | URI |

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.


Integer overflow in pnen3260.dll in RealPlayer

pnen3260dll | RealPlayer | overflow | through | Integer |

Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.


The Macromedia installers and e-licensing clien

AuthenticationService | e-licensing | Dreamweaver | privileges | Contribute | installers | Macromedia | Fireworks | modifying | Director | writable | program | install | client | allows | Studio | setuid | local | which | Flash | other | users | used | gain | Mac |

The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.


The (1) stopserver.sh and (2) startserver.sh sc


The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.


Unknown vulnerability in Mac OS X 10.3.9 allows

vulnerability | Unknown | Mac |

Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."


Apple Mac OS X 10.4.x up to 10.4.1 sets insecur

Apple | 104x | Mac |

Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."


Race condition in Java 1.4.2 before 1.4.2 Relea

condition | Java | Race |

Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due a symlink attack.


Unspecified vulnerability in Java 1.4.2 before

vulnerability | Unspecified | Java |

Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives."


Java 1.4.2 before 1.4.2 Release 2 on Apple Mac

Java |

Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program.


Unspecified vulnerability in the Mailbox Server

vulnerability | Unspecified | WebStar | Mailbox | before | Server |

Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.


Integer underflow in CoreFoundation in Apple Ma

CoreFoundation | underflow | Integer | Apple | Mac |

Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions.


Multiple unspecified vulnerabilities in BOMArch

BOMArchiveHelper | vulnerabilities | user-assisted | unspecified | attackers | Multiple | service | remote | denial | cause | allow | Mac |

Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".


Buffer overflow in the glob implementation (glo

implementation | overflow | Buffer | glob |

Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before Wednesday, September 14, 2005, NetBSD 2.* and 3.* before Sunday, December 03, 2006, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.


Format string vulnerability in Apple Software U

vulnerability | Software | Update | string | Format | Apple |

Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or using the (3) application/x-apple.sucatalog+xml MIME type.


Format string vulnerability in Apple Installer

vulnerability | Installer | Format | string | Apple |

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.


The Find feature in Palm OS Treo smart phones o

information | attackers | sensitive | operates | password | physical | despite | feature | allows | access | obtain | phones | system | smart | which | Find | lock | Treo | Palm |

The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.


The command line administration interface in Da

administration | interface | command | Domain | before | line | Data |

The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping commands.


Heap-based buffer overflow in kde.dll in IBM Ti

Monitoring | Heap-based | overflow | Express | Tivoli | buffer | kdedll | IBM |

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.


Software vulnerabilities results 1 to 20 of 5908     
Page: 12345...296