prevent software vulnerabilities
vulnerabilities.aspcode.net
Searching prevent software vulnerabilities
Denial of service in Linux 2.0.36 allows local
service
|
Denial
|
Linux
|
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
Linux 2.0.34 does not properly prevent users fr
Linux
|
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.
Microsoft Windows XP allows local users to prev
explorerexemanifest
|
Microsoft
|
prevent
|
booting
|
corrupt
|
Windows
|
allows
|
system
|
users
|
local
|
file
|
via
|
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.
saned in sane-backends 1.0.7 and earlier, when
sane-backends
|
saned
|
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
Microsoft Windows 2000, when running in a domai
Microsoft
|
Windows
|
Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
Safari 1.2.2 does not properly prevent a frame
Safari
|
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Unknown vulnerability in redhat-config-nfs befo
redhat-config-nfs
|
vulnerability
|
Unknown
|
before
|
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
Kaspersky 3.x to 4.x allows remote attackers to
compressed
|
protection
|
antivirus
|
attackers
|
Kaspersky
|
prevent
|
headers
|
opened
|
global
|
target
|
remote
|
allows
|
bypass
|
system
|
which
|
being
|
local
|
file
|
both
|
zero
|
does
|
via
|
not
|
set
|
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
RAV antivirus allows remote attackers to bypass
protection
|
compressed
|
attackers
|
antivirus
|
headers
|
prevent
|
global
|
opened
|
remote
|
allows
|
system
|
target
|
bypass
|
which
|
being
|
local
|
zero
|
both
|
file
|
does
|
via
|
RAV
|
not
|
set
|
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
passwd 0.68 does not check the return code for
passwd
|
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
Unquoted Windows search path vulnerability in B
vulnerability
|
BitDefender
|
malicious
|
starting
|
Unquoted
|
creating
|
prevent
|
Windows
|
allows
|
search
|
users
|
local
|
path
|
Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.
Squid 2.5 STABLE9 and earlier, when the DNS cli
environment
|
unfiltered
|
attackers
|
spoofing
|
STABLE9
|
prevent
|
lookups
|
earlier
|
allows
|
remote
|
client
|
spoof
|
Squid
|
port
|
does
|
DNS
|
not
|
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
The send_pinentry_environment function in asshe
send_pinentry_environment
|
pinentry
|
properly
|
asshelpc
|
function
|
certain
|
options
|
signing
|
prevent
|
S/MIME
|
causes
|
handle
|
being
|
found
|
Linux
|
which
|
gpg2
|
fail
|
does
|
SUSE
|
not
|
can
|
The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.
xattr.c in the ext2 and ext3 file system code f
name_index
|
properly
|
compare
|
sharing
|
applied
|
default
|
prevent
|
fields
|
system
|
blocks
|
kernel
|
xattrc
|
being
|
could
|
which
|
xattr
|
Linux
|
ext2
|
does
|
ACLs
|
file
|
code
|
ext3
|
not
|
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
OpenOffice.org 2.0 and earlier, when hyperlinks
OpenOfficeorg
|
WWW-browser
|
hyperlinks
|
attackers
|
bypassing
|
Hyperlink
|
clicking
|
security
|
settings
|
disabled
|
intended
|
earlier
|
prevent
|
easier
|
dialog
|
button
|
trick
|
which
|
makes
|
does
|
been
|
user
|
into
|
has
|
not
|
OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings.
Unspecified vulnerability in Sun Solaris 8, 9,
vulnerability
|
Unspecified
|
Solaris
|
before
|
Sun
|
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before Monday, September 25, 2006 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.
Unspecified versions of the Linux kernel allows
Unspecified
|
versions
|
service
|
denial
|
allows
|
kernel
|
Linux
|
cause
|
local
|
users
|
Unspecified versions of the Linux kernel allows local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.
Microsoft Internet Explorer 7 allows remote att
Javascript
|
attackers
|
Microsoft
|
handlers
|
phishing
|
onUnload
|
Explorer
|
Internet
|
attacks
|
conduct
|
prevent
|
address
|
leaving
|
allows
|
remote
|
other
|
spoof
|
users
|
site
|
bar
|
via
|
Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers.
** DISPUTED ** Guidance Software EnCase does n
Software
|
properly
|
DISPUTED
|
Guidance
|
handle
|
EnCase
|
does
|
not
|
** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own.
Guidance Software EnCase 6.2 and 6.5 does not p
CVE-2007-4035
|
examination
|
partitions
|
attackers
|
properly
|
Software
|
Guidance
|
certain
|
related
|
prevent
|
remote
|
EnCase
|
handle
|
volume
|
issue
|
which
|
might
|
allow
|
more
|
does
|
than
|
data
|
not
|
Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035.
Software vulnerabilities results 1 to 20 of 81
Page:
1
2
3
4
5
►