Searching platforms software vulnerabilities

SystemSoft SystemWizard package in HP Pavilion

SystemWizard | references | SystemSoft | operating | scripting | arbitrary | malicious | platforms | attackers | controls | commands | Pavilion | possibly | installs | execute | Windows | package | ActiveX | systems | remote | marked | allows | other | which | page | safe | web | via | two |

SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.


OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and

representations | 097-beta2 | arbitrary | attackers | platforms | possibly | integers | properly | service | earlier | OpenSSL | execute | denial | handle | cause | allow | which | ASCII | could | 096d | code | does | not | bit |

OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.


Directory traversal vulnerability in search eng

vulnerability | Enterprise | attackers | platforms | Directory | traversal | arbitrary | Netscape | running | Windows | iPlanet | remote | allows | search | engine | server | files | read | SP2 | via | SP9 | web |

Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.


Unknown vulnerability in the AUTH_DES authentic

authentication | vulnerability | AUTH_DES | Solaris | Unknown | RPC |

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.


Unknown vulnerability in the HSQLDB component i

vulnerability | component | Unknown | HSQLDB | JBoss |

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.


Unknown vulnerability in SunOne/iPlanet Web Ser

SunOne/iPlanet | vulnerability | platforms | attackers | through | Windows | service | Unknown | remote | denial | allows | Server | cause | Web | SP3 | SP5 |

Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service.


Apache 1.4.x before 1.3.30, and 2.0.x before 2.

before | Apache | 14x |

Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."


PHP before 4.3.7 on Win32 platforms does not pr

before | PHP |

PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.


distcc before 2.16, when running on 64-bit plat

before | distcc |

distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.


OpenBSD 3.3 and 3.4 does not properly parse Acc

restrictions | big-endian | attackers | platforms | netmasks | properly | without | OpenBSD | SPARC64 | bypass | access | remote | Accept | 64-bit | allow | parse | rules | which | such | does | Deny | not | may |

OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions.


The firmware for Intelligent Platform Managemen

Intelligent | Management | Interface | firmware | Platform |

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.


rdesktop 1.3.1 with xscreensaver 4.14, and poss

rdesktop |

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.


Integer overflow in the stralloc_readyplus func

stralloc_readyplus | arbitrary | attackers | platforms | overflow | possibly | function | Integer | virtual | service | request | running | execute | denial | memory | amount | allows | remote | qmail | large | cause | SMTP | code | bit | via |

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.


Linux 2.6.11 on 64-bit x86 (x86_64) platforms d

Linux |

Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.


Unspecified vulnerability in HP-UX B.11.23 on I

vulnerability | Unspecified | "specific | platforms | service | Itanium | denial | allows | size" | stack | local | B1123 | HP-UX | cause | users | due |

Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."


BMC Software Control-M 6.1.03 for Solaris, and

Control-M | Software | BMC |

BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.


Linux kernel 2.6.17 and earlier, when running o

kernel | Linux |

Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.


Unspecified vulnerability in portable OpenSSH b

"authentication | vulnerability | Unspecified | determine | attackers | involving | usernames | platforms | validity | portable | vectors | unknown | OpenSSH | running | GSSAPI | allows | remote | abort" | before | some | via |

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."


The CUPS service on multiple platforms allows r

platforms | attackers | multiple | service | denial | remote | allows | cause | CUPS |

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.


Red Hat Enterprise Linux 4 does not properly co

tcp_wrappers | restrictions | Enterprise | attackers | platforms | properly | intended | compile | access | remote | bypass | x86_64 | allow | Linux | might | which | link | does | Red | Hat | gdm | not |

Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.


Software vulnerabilities results 1 to 20 of 44     
Page: 123