standalone software vulnerabilities
vulnerabilities.aspcode.net
Searching standalone software vulnerabilities
PHP for Windows, when installed on Apache 2.0.2
installed
|
Windows
|
Apache
|
PHP
|
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
Standalone Macromedia Flash Player 5.0 allows r
undocumented
|
containing
|
Standalone
|
Macromedia
|
arbitrary
|
FSCommand
|
attackers
|
programs
|
"save"
|
allows
|
Player
|
remote
|
files
|
Flash
|
save
|
file
|
via
|
SWF
|
Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand.
Standalone Macromedia Flash Player 5.0 before 5
Macromedia
|
Standalone
|
Player
|
before
|
Flash
|
Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand.
vsftpd FTP daemon in Red Hat Linux 9 is not com
wrappers
|
compiled
|
against
|
vsftpd
|
daemon
|
Linux
|
TCP
|
FTP
|
Red
|
not
|
Hat
|
vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere.
Firefox before 1.0.5 allows remote attackers to
Firefox
|
before
|
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.
Multiple PHP remote file inclusion vulnerabilit
vulnerabilities
|
AllMyGuests
|
inclusion
|
Multiple
|
remote
|
file
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone).
The Cisco Video Surveillance IP Gateway Encoder
Encoder/Decoder
|
Surveillance
|
Gateway
|
Cisco
|
Video
|
The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier have default passwords for the sypixx and root user accounts, which allows remote attackers to perform administrative actions, aka CSCsj34681.
The telnet service in Cisco Video Surveillance
Encoder/Decoder
|
Surveillance
|
Gateway
|
service
|
telnet
|
Cisco
|
Video
|
The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.
Heap-based buffer overflow in mplayerc.exe in M
mplayercexe
|
Heap-based
|
overflow
|
Classic
|
Player
|
buffer
|
Media
|
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.
Multiple integer overflows in Media Player Clas
overflows
|
Multiple
|
Classic
|
integer
|
Player
|
Media
|
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values.
Software vulnerabilities results 1 to 12 of 12
Page:
1