previously software vulnerabilities
vulnerabilities.aspcode.net
Searching previously software vulnerabilities
Cisco IOS 12.0(5)XU through 12.1(2) allows remo
Cisco
|
IOS
|
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
LCC-Win32 3.2 compiler, when running on Windows
information
|
previously
|
LCC-Win32
|
sensitive
|
attackers
|
compiler
|
portions
|
Windows
|
running
|
import
|
writes
|
memory
|
allow
|
could
|
after
|
table
|
which
|
used
|
gain
|
LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application.
RealOne player allows remote attackers to execu
demonstrated
|
presentation
|
references
|
previously
|
arbitrary
|
scripting
|
attackers
|
Computer"
|
executed
|
security
|
protocol
|
RealOne
|
execute
|
context
|
script
|
remote
|
allows
|
player
|
loaded
|
using
|
which
|
zone
|
SMIL
|
"My
|
URL
|
via
|
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and
Cable/DSL
|
firmware
|
BEFSRU31
|
version
|
Routers
|
BEFSR11
|
Linksys
|
BEFSR81
|
BEFSR41
|
DHCP
|
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
The HTTP dissector in Ethereal 0.10.1 through 0
dissector
|
Ethereal
|
HTTP
|
The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.
RealOne player 6.0.11.868 allows remote attacke
RealOne
|
player
|
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.
Squid Web Proxy Cache 2.5 might allow remote at
information
|
containing
|
operations
|
previously
|
references
|
sensitive
|
hostnames
|
attackers
|
messages
|
results
|
invalid
|
obtain
|
remote
|
error
|
Proxy
|
Squid
|
which
|
Cache
|
might
|
allow
|
cause
|
used
|
fail
|
URLs
|
via
|
DNS
|
Web
|
Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
mod_python (libapache2-mod-python) 3.1.4 and ea
mod_python
|
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
Squid 2.5.STABLE7 and earlier allows remote att
25STABLE7
|
attackers
|
earlier
|
service
|
denial
|
allows
|
remote
|
Squid
|
cause
|
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.
FreeBSD
|
kernel
|
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
FUSE 2.x before 2.3.0 does not properly clear p
before
|
FUSE
|
FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.
Heap-based buffer overflow in the BERDecBitStri
BERDecBitString
|
Heap-based
|
Microsoft
|
function
|
overflow
|
library
|
buffer
|
ASN1
|
Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.
The Orinoco driver (orinoco.c) in Linux kernel
Orinoco
|
driver
|
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
Unspecified vulnerability in Hosting Controller
vulnerability
|
Unspecified
|
Controller
|
Hosting
|
before
|
Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788.
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 a
before
|
MySQL
|
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
WebKit in Apple Mac OS X 10.3.x through 10.3.9
through
|
WebKit
|
Apple
|
103x
|
Mac
|
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.
Microsoft Internet Explorer 6 allows remote att
Vulnerability"
|
simultaneously
|
Corruption
|
JavaScript
|
previously
|
arbitrary
|
Microsoft
|
attackers
|
Handling
|
Explorer
|
Internet
|
results
|
certain
|
"Script
|
execute
|
memory
|
access
|
allows
|
remote
|
errors
|
Error
|
which
|
using
|
freed
|
cause
|
code
|
aka
|
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."
index.php in PEGames uses the extract function
uncontrolled
|
previously
|
overwrite
|
parameter
|
variables
|
inclusion
|
extracted
|
attackers
|
function
|
indexphp
|
critical
|
abs_url
|
attacks
|
conduct
|
extract
|
PEGames
|
allows
|
remote
|
later
|
value
|
which
|
uses
|
file
|
via
|
PHP
|
index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value.
The recall_headers function in mod_mem_cache in
recall_headers
|
mod_mem_cache
|
function
|
Apache
|
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and pro
xmlrpc
|
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."
Software vulnerabilities results 1 to 20 of 30
Page:
1
2
►