Searching runtime software vulnerabilities

The URLConnection function in MacOS Runtime Jav

URLConnection | function | Runtime | MacOS | Java |

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.


Mac OS Runtime for Java (MRJ) 2.2.3 allows remo

Runtime | Java | Mac |

Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.


Buffer overflows in Microsoft SQL Server 7.0 an

Microsoft | overflows | Server | Buffer | SQL |

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.


Java Runtime Environment (JRE) and SDK 1.2 thro

Environment | Runtime | Java |

Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.


Runtime library in GNU Ada compiler (GNAT) 3.12

compiler | library | Runtime | Ada | GNU |

Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.


Macromedia Sitespring 1.2.0 (277.1) using Sybas

Sitespring | Macromedia |

Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.


Stack-based buffer overflow in the runtime link

environment | Stack-based | LD_PRELOAD | privileges | variable | overflow | runtime | through | Solaris | buffer | linker | allows | users | local | ldso1 | long | root | gain | via |

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.


Sun Java Runtime Environment (JRE) and SDK 1.4.

Environment | Runtime | Java | Sun |

Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.


The RPC Runtime Library for Microsoft Windows N

Microsoft | attackers | Windows | service | Runtime | Library | active | denial | memory | remote | allows | cause | read | RPC |

The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.


Unknown vulnerability in Sun Java Runtime Envir

vulnerability | Environment | Runtime | Unknown | Java | Sun |

Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).


readObject in (1) Java Runtime Environment (JRE

readObject |

readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.


The NAT implementation in Zonet ZSR1104WE Wirel

implementation | ZSR1104WE | Wireless | Runtime | Version | Router | Zonet | Code | NAT |

The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions.


The LAM runtime environment package (lam-runtim

environment | package | runtime | LAM |

The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.


QDBM before 1.8.33-r2 allows local users in the

privileges | directory | temporary | increase | allowing | 1833-r2 | runtime | objects | portage | object | loaded | search | allows | before | shared | users | local | added | group | build | which | QDBM | path | via |

QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


GDAL before 1.3.0-r1 allows local users in the

privileges | directory | temporary | increase | allowing | runtime | portage | objects | object | search | loaded | shared | allows | 130-r1 | before | added | local | build | group | which | users | GDAL | path | via |

GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


ImageMagick before 6.2.4.2-r1 allows local user

ImageMagick | privileges | directory | temporary | increase | allowing | 6242-r1 | runtime | objects | portage | search | loaded | object | allows | before | shared | users | local | group | which | build | added | path | via |

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.


Buffer overflow in Hawk Monitoring Agent (HMA)

Monitoring | overflow | Buffer | Agent | Hawk |

Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for tibhawkhma.


Multiple unspecified vulnerabilities in Oracle

vulnerabilities | unspecified | Database | Multiple | Oracle |

Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14).


Bradford CampusManager Network Control Applicat

CampusManager | Application | Bradford | Control | Network | Server |

Bradford CampusManager Network Control Application Server 3.1(6) allows remote attackers to obtain sensitive information (backup, log, and configuration files) via direct request for certain files in (1) /runTime/ or (2) /remediationReports/.


Buffer overflow in the Sun Java Web Start Activ

Environment | overflow | Runtime | ActiveX | control | Buffer | Start | Java | Sun | Web |

Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method.


Software vulnerabilities results 1 to 20 of 55     
Page: 123