Searching select software vulnerabilities

The Protected Store in Windows 2000 does not pr

Protected | Windows | Store |

The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.


IMAP server in Alt-N Technologies MDaemon 3.5.6

Technologies | MDaemon | server | Alt-N | IMAP |

IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands.


Buffer overflow in the IMAP server (IMAPMax) fo

overflow | server | Buffer | IMAP |

Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command.


Vignette StoryServer 4 and 5, Vignette V/5, and

unauthorized | StoryServer | arbitrary | attackers | vgn_creds | accessing | template | Vignette | possibly | versions | directly | setting | queries | perform | cookie | allows | remote | SELECT | other | value | save | V/5 |

Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.


Netscape 7.0 and Mozilla 5.0 do not immediately

immediately | Netscape | messages | Mozilla | deleted | Trash' | 'Empty | access | option | select | folder | delete | allow | local | could | users | trash | which | not |

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.


HP OpenView Select Access 5.0 through 6.0 does

restrictions | characters | correctly | attackers | OpenView | encoded | unicode | through | Access | remote | decode | Select | bypass | allow | could | UTF-8 | which | does | URL | not |

HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters.


Buffer overflow in the IMAP service of Mercury

overflow | service | Mercury | Buffer | IMAP |

Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.


Multiple buffer overflows in gram.y for Postgre

PostgreSQL | overflows | Multiple | buffer | gramy |

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.


phpMyAdmin 2.6.2-dev, and possibly earlier vers

select_langlibphp | phpMyAdmin | attackers | determine | possibly | versions | reveals | request | 262-dev | message | earlier | remote | direct | allows | error | which | path | root | full | PHP | via | web |

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.


Oracle Database 9i and 10g disables Fine Graine

disables | Database | Grained | Oracle | Audit | Fine | 10g |

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.


Unknown vulnerability in IBM DB2 8.1.4 through

vulnerability | Unknown | DB2 | IBM |

Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents.


Directory traversal vulnerability in Qualcomm W

vulnerability | arbitrary | sequences | attackers | WorldMail | Directory | traversal | messages | Qualcomm | command | SELECT | allows | Server | remote | email | read | IMAP | via |

Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command.


The key selection dialogue in Enigmail before 0

selection | Enigmail | dialogue | before | key |

The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.


CRLF injection vulnerability in SquirrelMail 1.

vulnerability | SquirrelMail | injection | CRLF |

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."


Oracle Database 9.2.0.0 to 10.2.0.3 allows loca

Database | Oracle |

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.


The IPv4 implementation in Sun Solaris 10 befor

implementation | Solaris | before | IPv4 | Sun |

The IPv4 implementation in Sun Solaris 10 before Friday, July 21, 2006 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication.


Multiple SQL injection vulnerabilities in SoftB

vulnerabilities | arbitrary | attackers | injection | commands | possibly | Multiple | execute | earlier | SoftBB | remote | allow | via | SQL |

Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.


MySQL before 5.1.18 allows remote authenticated

before | MySQL |

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.


Unspecified vulnerability in HP Select Identity

vulnerability | Unspecified | Identity | Select |

Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.


Software vulnerabilities results 1 to 20 of 65     
Page: 1234