Searching processing software vulnerabilities

Winamp 2.78 and 2.77, when opening a wma file t

Winamp |

Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.


Buffer overflow in ZMailer before 2.99.51_1 all

processing | arbitrary | attackers | hostname | overflow | possibly | resolves | address | execute | 29951_1 | ZMailer | before | remote | Buffer | during | allows | using | long | code | HELO | IPv6 |

Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.


Buffer overflow in freesweep in Debian GNU/Linu

environment | privileges | processing | variables | GNU/Linux | freesweep | overflow | "games" | Buffer | Debian | allows | users | local | group | gain |

Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.


The SMB dissector in Ethereal before 0.10.0 all

dissector | Ethereal | before | SMB |

The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.


Windows Media Player 9 allows remote attackers

containing | attackers | arbitrary | execute | Windows | Player | remote | allows | large | Media | file | code | via | PNG |

Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."


Unspecified vulnerability in ASN.1 Compiler (as

vulnerability | Unspecified | Compiler | ASN1 |

Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.


Unspecified vulnerability in ASN.1 Compiler (as

vulnerability | Unspecified | Compiler | ASN1 |

Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."


Buffer overflow in the font processing componen

processing | Microsoft | component | overflow | Windows | Buffer | font |

Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.


Synaesthesia 2.1 and earlier, and possibly othe

configuration | Synaesthesia | privileges | processing | installed | arbitrary | possibly | versions | earlier | before | setuid | allows | which | files | local | users | other | mixer | read | root | does | drop | not |

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.


Off-by-one buffer overflow in the processing of

processing | Off-by-one | Metadata | overflow | Package | buffer | tags | Real |

Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag.


lspath in AIX 5.2, 5.3, and possibly earlier ve

privileges | processing | arbitrary | possibly | versions | earlier | lspath | option | allows | before | local | users | files | which | line | does | read | drop | AIX | not | one |

lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.


remstats 1.0.13 and earlier, when processing up

remstats |

remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.


qpopper 4.0.5 and earlier does not properly dro

qpopper |

qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.


templates.admin.users.user_form_processing in B

templatesadminusersuser_form_processing | Reporter | before | Blue | Coat |

templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.


The StateToOptions function in msfweb in Metasp

StateToOptions | Metasploit | Framework | function | running | earlier | option | msfweb |

The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command.


Unspecified vulnerability in the command line p

vulnerability | Unspecified | processing | command | line |

Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors.


Multiple unspecified vulnerabilities in Solaris

vulnerabilities | unspecified | Processing | Multiple | service | Solaris | allows | denial | Socket | Option | cause | local | users | SCTP |

Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.


Unspecified vulnerability in CA eTrust Antiviru

vulnerability | Unspecified | Antivirus | WebScan | before | eTrust |

Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."


Unspecified vulnerability in 04WebServer 1.83 a

vulnerability | 04WebServer | Unspecified |

Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user authentication via unspecified vectors related to request processing.


Buffer overflow in Hitachi Cosminexus V4 throug

Cosminexus | Processing | overflow | through | Hitachi | before | Buffer | XML | Kit |

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before Friday, May 11, 2007, Developer's Kit for Java before Monday, March 12, 2007, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.


Software vulnerabilities results 1 to 20 of 81     
Page: 12345