properties software vulnerabilities

Searching properties software vulnerabilities

Internet Explorer 5.01 allows remote attackers

Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.

ACDSee 4.0 allows remote attackers to cause a d

ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed.

TightVNC before 1.2.4 running on Windows stores

TightVNC | before |

TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords.

FlashFXP 1.4 prints FTP passwords in plaintext

FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.

Microsoft Word 2002, 2000, 97, and 98(J) does n

Microsoft | Word |

Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.

McAfee VirusScan 4.5.1 does not drop SYSTEM pri

VirusScan | McAfee |

McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.

Opera before 7.54 allows remote attackers to mo

before | Opera |

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.

Multiple vulnerabilities in xli before 1.17 may

vulnerabilities | Multiple | before | xli |

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

Symantec pcAnywhere 10.5x and 11.x before 11.5,

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.

Windows Shell for Microsoft Windows 2000 SP4, X

Microsoft | Windows | Shell |

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122.

The System Monitor Source Properties control al

The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.

Unspecified vulnerability in Microsoft Exchange

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.

Opera 9 allows remote attackers to cause a deni

Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.

Stack-based buffer overflow in NDFXArtEffects i

Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties.

BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8

BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password.

Telestream Flip4Mac Windows Media Components fo

Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption.

Stack-based buffer overflow in SonicDVDDashVRNa

Stack-based buffer overflow in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via unspecified properties and methods in the SonicDVDDashVRNav.dll ActiveX control.

Stack-based buffer overflow in the createAndJoi

Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before Tuesday, March 13, 2007 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties.

WebCore on Apple Mac OS X 10.3.9 and 10.4.10 re

WebCore | Apple | Mac |

WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

Safari in Apple iPhone 1.1.1 allows remote atta

iPhone | Safari | Apple |

Safari in Apple iPhone 1.1.1 allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks.

Software vulnerabilities results 1 to 20 of 42

Page: 12 3 ►

properties software vulnerabilities

vulnerabilities.aspcode.net

Searching properties software vulnerabilities