references software vulnerabilities
vulnerabilities.aspcode.net
Searching references software vulnerabilities
Outlook Express 5.01 and Internet Explorer 5.01
Express
|
Outlook
|
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client.
register.cgi in Ikonboard 2.1.7b and earlier al
registercgi
|
references
|
overwrites
|
attackers
|
Ikonboard
|
arbitrary
|
SEND_MAIL
|
parameter
|
executed
|
variable
|
internal
|
commands
|
execute
|
program
|
earlier
|
allows
|
remote
|
which
|
217b
|
via
|
register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed.
Cross-site scripting vulnerability in Infopop U
vulnerability
|
Cross-site
|
scripting
|
Ultimate
|
Bulletin
|
Infopop
|
Board
|
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field.
AOL AOLserver 3.4.2 Win32 allows remote attacke
AOLserver
|
AOL
|
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file.
Internet Explorer 5.0 through 6.0 allows remote
references
|
attackers
|
determine
|
existence
|
Internet
|
property
|
elements
|
Explorer
|
certain
|
through
|
target
|
dynsrc
|
object
|
allows
|
remote
|
client
|
which
|
image
|
files
|
sets
|
size
|
such
|
file
|
via
|
IMG
|
tag
|
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.
Untrusted search path vulnerability in Pedro Li
vulnerability
|
chetcpasswd
|
Untrusted
|
search
|
Lineu
|
Pedro
|
path
|
Orso
|
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows re
iChat
|
Apple
|
Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program.
The TNS Listener in Oracle 10g allows remote at
attackers
|
Listener
|
service
|
remote
|
denial
|
Oracle
|
allows
|
cause
|
TNS
|
10g
|
The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
Adobe Acrobat and Acrobat Reader 6.0 allow remo
attackers
|
arbitrary
|
Shockwave
|
embedded
|
contains
|
Acrobat
|
remote
|
Reader
|
Adobe
|
files
|
allow
|
read
|
file
|
via
|
PDF
|
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
Microsoft Windows XP Explorer allows attackers
self-executing
|
automatically
|
executable
|
references
|
arbitrary
|
attackers
|
Microsoft
|
Explorer
|
accesses
|
executed
|
execute
|
Windows
|
within
|
allows
|
script
|
folder
|
which
|
user
|
file
|
code
|
HTML
|
via
|
Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder.
Squid Web Proxy Cache 2.5 might allow remote at
information
|
containing
|
operations
|
previously
|
references
|
sensitive
|
hostnames
|
attackers
|
messages
|
results
|
invalid
|
obtain
|
remote
|
error
|
Proxy
|
Squid
|
which
|
Cache
|
might
|
allow
|
cause
|
used
|
fail
|
URLs
|
via
|
DNS
|
Web
|
Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
Untrusted search path vulnerability in the crtt
vulnerability
|
Untrusted
|
Neutrino
|
command
|
crttrap
|
search
|
RTOS
|
path
|
QNX
|
Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library.
SQL injection vulnerability in Oracle Reports t
vulnerability
|
References
|
attackers
|
arbitrary
|
parameter
|
paramform
|
injection
|
commands
|
execute
|
appears
|
Reports
|
Lexical
|
values
|
remote
|
allows
|
Oracle
|
form
|
yes
|
set
|
SQL
|
use
|
via
|
SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramform parameter is set to yes.
Untrusted search path vulnerability in Truecryp
vulnerability
|
environment
|
privileges
|
references
|
arbitrary
|
Untrusted
|
Truecrypt
|
malicious
|
commands
|
variable
|
modified
|
command
|
execute
|
running
|
allows
|
search
|
Linux
|
mount
|
local
|
users
|
path
|
gain
|
root
|
suid
|
via
|
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
Cross-domain vulnerability in Microsoft Interne
Vulnerability"
|
vulnerability
|
Cross-domain
|
information
|
originating
|
restricted
|
attacker's
|
references
|
Disclosure
|
"Redirect
|
Microsoft
|
attribute
|
parameter
|
outerHTML
|
attackers
|
available
|
specifies
|
Internet
|
Location
|
Explorer
|
domains
|
through
|
content
|
target
|
access
|
allows
|
header
|
remote
|
object
|
makes
|
which
|
other
|
link
|
data
|
site
|
then
|
HTTP
|
via
|
tag
|
aka
|
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."
Microsoft Internet Explorer 6 allows remote att
attackers
|
Microsoft
|
Explorer
|
Internet
|
service
|
denial
|
allows
|
remote
|
cause
|
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.
Buffer overflow in the Retro64 / Miniclip CR64L
unspecified
|
CR64Loader
|
references
|
arbitrary
|
attackers
|
involving
|
Miniclip
|
document
|
overflow
|
vectors
|
execute
|
control
|
ActiveX
|
Retro64
|
Buffer
|
remote
|
allows
|
CLSID
|
code
|
HTML
|
via
|
Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of the control.
Cross-domain vulnerability in MYweb4net Browser
vulnerability
|
Cross-domain
|
MYweb4net
|
Browser
|
Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.
Niels Provos libevent 1.2 and 1.2a allows remot
attackers
|
libevent
|
service
|
remote
|
denial
|
Provos
|
allows
|
Niels
|
cause
|
12a
|
Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset.
Directory traversal vulnerability in admin/file
admin/filebrowserasp
|
vulnerability
|
Directory
|
traversal
|
A-shop
|
Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter.
Software vulnerabilities results 1 to 20 of 58
Page:
1
2
3
►