Searching persistent software vulnerabilities

TCP, when using a large Window Size, makes it e

attackers | sequence | numbers | service | remote | denial | easier | Window | large | cause | using | guess | makes | Size | TCP |

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.


Zero G Software InstallAnywhere 5.0.6, 5.0.7, a

InstallAnywhere | Software | Zero |

Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files.


Opera before 8.51, when running on Windows with

before | Opera |

Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title.


The cairo library (libcairo), as used in GNOME

library | cairo |

The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.


Buffer overflow in certain versions of South Ri

overflow | versions | certain | Buffer | River | South |

Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1131 and version 8, allows remote attackers to cause a denial of service (application crash and persistent erratic behavior) via a long string in the name entry field.


Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8,

addressbook" | Evolution | attackers | enabled | service | allows | remote | denial | sender | images | cause | "load | GNOME | 23x | 22x |

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used.


Ultimate PHP Board (UPB) 1.9.6 and earlier allo

Ultimate | Board | PHP |

Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions.


MySQL before 4.1.13 allows local users to cause

before | MySQL |

MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.


Stack-based buffer overflow in the animated cur

Stack-based | Microsoft | animated | overflow | Windows | buffer | cursor | code |

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.


The Bonjour functionality in mDNSResponder, iCh

mDNSResponder | functionality | Bonjour | iChat |

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key.


The Bonjour functionality in iChat in Apple Mac

functionality | Bonjour | Apple | iChat | Mac |

The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.


Unspecified kernel GDI functions in Microsoft W

Unspecified | functions | Microsoft | Windows | kernel | GDI |

Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560.


Unspecified vulnerability in Microsoft Windows

vulnerability | Unspecified | Microsoft | Windows |

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.


The form autocomplete feature in Mozilla Firefo

autocomplete | Mozilla | Firefox | feature | before | form | 15x |

The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form.


The GDM daemon in GNOME Display Manager (GDM) b

Display | Manager | daemon | GNOME | GDM |

The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/.


Heap-based buffer overflow in the Visionsoft Au

Visionsoft | Heap-based | overflow | Service | Demand | buffer | Audit |

Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG." command.


Windows Calendar on Microsoft Windows Vista all

Microsoft | attackers | Calendar | Windows | service | denial | allows | remote | Vista | cause |

Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file.


Software vulnerabilities results 1 to 18 of 18     
Page: 1