Searching produces software vulnerabilities

counter.exe 2.70 allows a remote attacker to ca

counterexe |

counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access violation.


Forms.exe CGI program in ValiCert Enterprise Va

Enterprise | Validation | Authority | ValiCert | Formsexe | program | CGI |

Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.


PHP, when not configured with the "display_erro

"display_errors | configured | accessible | directive | attackers | physical | modifies | directly | trailing | produces | contains | request | setting | program | message | include | allows | remote | obtain | causes | phpini | error | which | slash | fail | path | Off" | base | file | PHP | not | via |

PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path.


DB4Web server, when configured to use verbose d

connections | configured | attackers | messages | verbose | systems | attempt | remote | DB4Web | server | allows | other | debug | proxy | use | TCP |

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message.


Buffer overflow in (1) mrinfo, (2) mtrace, and

overflow | Buffer |

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().


Electronic Code Book (ECB) mode in VTun 2.0 thr

Electronic | Book | Code |

Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain senstive information.


The tcp_find_option function of the netfilter s

tcp_find_option | subsystem | netfilter | attackers | iptables | function | service | options | allows | remote | kernel | denial | cause | using | Linux | rules | TCP |

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.


PY Software Active Webcam WebServer (webcam.exe

WebServer | Software | Webcam | Active |

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not.


Race condition in the do_add_counters function

do_add_counters | condition | netfilter | function | kernel | Linux | Race |

Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE.


index.php in EZDatabase before 2.1.2 does not p

EZDatabase | indexphp | before |

index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.


server.cpp in Monopd 0.9.3 allows remote attack

servercpp | Monopd |

server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.


The virtual memory implementation in Linux kern

implementation | service | virtual | allows | denial | memory | kernel | cause | users | Linux | local | 26x |

The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load.


view.php in KnowledgeTree Open Source 3.0.3 and

KnowledgeTree | viewphp | Source | Open |

view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full installation path via a crafted fDocumentId parameter, which displays the path in the resulting error message. NOTE: this might be resultant from another vulnerability, since this vector also produces XSS.


M4 Macro Library in Symantec Security Informati

Information | Security | Symantec | Manager | Library | before | Macro |

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.


Heap-based buffer overflow in Microsoft DirectX

Heap-based | Microsoft | overflow | DirectX | buffer | SDK |

Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.


epan/dissectors/packet-xot.c in the XOT dissect

epan/dissectors/packet-xotc | dissector | XOT |

epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded.


The Core::Receive function in neonet/core.cpp f


The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and earlier, and CVS 3422, allow remote attackers to cause a denial of service (engine crash) via a message with a large uiMessageLength that produces a failed memory allocation and a null pointer dereference.


The code function in install.fct.php in Ixprim

administration | installfctphp | confidential | mainfilephp | guessable | attackers | IXP_CODE | function | produces | attack | remote | access | Ixprim | force | panel | brute | which | value | might | allow | gain | code | via |

The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote attackers to gain access to the administration panel via a brute force attack.


Stack-based buffer overflow in EF Commander 5.7

Stack-based | Commander | overflow | buffer |

Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories, which produces a large filename that triggers the overflow.


Cisco Trust Agent (CTA) before 2.1.104.0, when

Agent | Trust | Cisco |

Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.


Software vulnerabilities results 1 to 20 of 30     
Page: 12