rejected software vulnerabilities
vulnerabilities.aspcode.net
Searching rejected software vulnerabilities
Directory traversal vulnerability in GoAhead We
vulnerability
|
attackers
|
arbitrary
|
traversal
|
Directory
|
GoAhead
|
encoded
|
remote
|
Server
|
allows
|
files
|
read
|
Web
|
URL
|
via
|
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earli
OpenLDAP2
|
slapd
|
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
Buffer overflow in Microsoft Active Data Object
Microsoft
|
overflow
|
Objects
|
Active
|
Buffer
|
Data
|
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED.
Heap-based buffer overflow in the search_for_co
search_for_command
|
Heap-based
|
function
|
overflow
|
ltrace
|
buffer
|
Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be REJECTed.
Cross-site scripting (XSS) vulnerability in LAN
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.
The URL pattern matching feature in BEA WebLogi
restrictions
|
wildcards
|
attackers
|
WebLogic
|
patterns
|
matching
|
rejected
|
properly
|
intended
|
because
|
feature
|
pattern
|
matches
|
illegal
|
ending
|
remote
|
Server
|
access
|
bypass
|
allow
|
which
|
legal
|
cause
|
could
|
they
|
were
|
"/*"
|
URL
|
BEA
|
"*"
|
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected.
Buffer overflow in the extract_one function fro
extract_one
|
attackers
|
arbitrary
|
function
|
overflow
|
execute
|
lhextc
|
Buffer
|
allow
|
code
|
long
|
via
|
LHA
|
may
|
Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
Buffer overflow in Microsoft Msinfo32.exe might
Msinfo32exe
|
msinfo_file
|
arbitrary
|
parameter
|
Microsoft
|
filename
|
overflow
|
command
|
execute
|
Buffer
|
local
|
allow
|
might
|
users
|
line
|
code
|
long
|
via
|
Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Kaspersky
|
PowerZip
|
versions
|
Multiple
|
rejected
|
products
|
central
|
headers
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
local
|
error
|
still
|
which
|
virus
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
BitDefender
|
executable
|
detection
|
BitZipper
|
malicious
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
central
|
headers
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
local
|
error
|
still
|
which
|
virus
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
NOD32
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
F-Prot
|
allows
|
Winzip
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of F-Prot Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
Avast
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
McAfee
|
allows
|
Winzip
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
Sophos
|
allows
|
Winzip
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Symantec
|
versions
|
Multiple
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
local
|
error
|
still
|
which
|
virus
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
DrWeb
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
malicious
|
detection
|
BitZipper
|
malformed
|
corrupted
|
specially
|
attackers
|
Antivirus
|
Multiple
|
versions
|
PowerZip
|
products
|
rejected
|
headers
|
central
|
crafted
|
opened
|
remote
|
Winrar
|
bypass
|
though
|
allows
|
Winzip
|
Avira
|
error
|
virus
|
still
|
which
|
local
|
they
|
file
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Multiple interpretation error in unspecified ve
interpretation
|
unspecified
|
executable
|
detection
|
malformed
|
attackers
|
specially
|
malicious
|
BitZipper
|
Antivirus
|
corrupted
|
versions
|
Multiple
|
rejected
|
PowerZip
|
products
|
headers
|
central
|
crafted
|
Control
|
Norman
|
allows
|
Winrar
|
opened
|
bypass
|
Winzip
|
though
|
remote
|
error
|
Virus
|
which
|
local
|
still
|
file
|
they
|
such
|
even
|
via
|
RAR
|
can
|
Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Unrestricted file upload vulnerability in webSP
administrators
|
vulnerability
|
authenticated
|
Unrestricted
|
arbitrary
|
webSPELL
|
execute
|
feature
|
allows
|
remote
|
upload
|
squad
|
code
|
file
|
add
|
PHP
|
via
|
Unrestricted file upload vulnerability in webSPELL allows remote authenticated administrators to upload and execute arbitrary PHP code via the add squad feature. NOTE: this issue may be an administrative feature, in which case this CVE may be REJECTED.
Software vulnerabilities results 1 to 20 of 57
Page:
1
2
3
►