thus software vulnerabilities
vulnerabilities.aspcode.net
Searching thus software vulnerabilities
MS Site Server 2.0 with IIS 4 can allow users t
including
|
commands
|
remotely
|
allowing
|
content
|
execute
|
target
|
Server
|
upload
|
allow
|
users
|
thus
|
Site
|
them
|
can
|
IIS
|
web
|
ASP
|
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
A design error in the IEEE1394 specification al
specification
|
FireWire/IEEE
|
sensitive
|
attackers
|
physical
|
IEEE1394
|
modified
|
memory
|
device
|
allows
|
design
|
access
|
error
|
using
|
write
|
read
|
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other means, e.g. through Smarty templates, then this issue would not give any additional privileges, and thus would not be considered a vulnerability.
** DISPUTED ** Format string vulnerability in v
vulnerability
|
vsybasec
|
DISPUTED
|
vpopmail
|
Format
|
string
|
** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability.
** DISPUTED ** Microsoft Windows 2000, XP, and
Microsoft
|
DISPUTED
|
Windows
|
** DISPUTED ** Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed.
Cross-site scripting (XSS) vulnerability in Goo
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability.
** DISPUTED ** NOTE: this issue has been dispu
DISPUTED
|
** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005.
** DISPUTED ** NOTE: this issue has been dispu
DISPUTED
|
** DISPUTED ** NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character can be modified, there is no SQL injection. Thus this might be an "invalid SQL syntax error." Multiple followups support the vendor.
** DISPUTED ** SQL injection vulnerability in
server_privilegesphp
|
vulnerability
|
phpMyAdmin
|
injection
|
DISPUTED
|
SQL
|
** DISPUTED ** SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to support query execution by authenticated users, and no external attack scenario exists without an auto-login configuration. Thus it is likely that this issue will be REJECTED. However, a closely related CSRF issue has been assigned CVE-2005-4450.
** DISPUTED ** Buffer overflow in mIRC 5.91, 6.
overflow
|
DISPUTED
|
Buffer
|
mIRC
|
** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk.
wan/sdla.c in Linux kernel 2.6.x before 2.6.11
wan/sdlac
|
before
|
kernel
|
Linux
|
26x
|
wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels.
The "Remember my Password" feature in MSN Messe
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds
|
CryptUnprotectData
|
Recoveryexe"
|
demonstrated
|
passwords
|
encrypted
|
"Remember
|
Messenger
|
Password"
|
registry
|
original
|
Password
|
program
|
feature
|
obtain
|
stores
|
format
|
calls
|
might
|
which
|
under
|
allow
|
users
|
local
|
"MSN
|
MSN
|
via
|
key
|
The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format under the HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds registry key, which might allow local users to obtain the original passwords via a program that calls CryptUnprotectData, as demonstrated by the "MSN Password Recovery.exe" program. NOTE: it could be argued that local-only password recovery is inherently insecure because the decryption methods and keys must be stored somewhere on the local system, and are thus inherently accessible with varying degrees of effort. Perhaps this issue should not be included in CVE.
** DISPUTED ** Buffer overflow in the font comm
overflow
|
probably
|
DISPUTED
|
command
|
Buffer
|
mIRC
|
font
|
** DISPUTED ** Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk.
server.cpp in MyServer 0.8.5 calls Process::set
servercpp
|
MyServer
|
server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.
Software vulnerabilities results 1 to 15 of 15
Page:
1