potentially software vulnerabilities
vulnerabilities.aspcode.net
Searching potentially software vulnerabilities
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges.
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information.
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.
CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have a "potentially serious" impact, related to LDAP logins.
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.
Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database table_prefix.
The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.
Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors.
index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error.
wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.
Software vulnerabilities results 1 to 20 of 57