Searching updates software vulnerabilities

NBase switches NH208 and NH215 run a TFTP serve

attackers | switches | software | service | updates | remote | denial | switch | modify | server | allows | cause | NH215 | NH208 | NBase | which | send | TFTP | run |

NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.


The default configuration for the domain name r

configuration | Microsoft | resolver | Windows | default | domain | name |

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.


Microsoft Word and Excel allow remote attackers

demonstrated | information | sensitive | attackers | Microsoft | document | returned | attacker | certain | insert | remote | codes | steal | allow | Excel | field | using | Word | via |

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."


The client for CVS before 1.11 allows a remote

before | client | CVS |

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.


Opera Browser 7.23, and other versions before 7

Browser | Opera |

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.


Firefox before 1.0.1 and Mozilla before 1.7.6 a

Firefox | before |

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site.


Symantec AntiVirus Corporate Edition 9.0.1.x an

LogLiveupdate | information | LiveUpdate | obtaining | attackers | cleartext | sensitive | Corporate | AntiVirus | username | password | Symantec | possibly | versions | internal | Edition | updates | obtain | allows | stores | server | other | which | 904x | file | 901x | log |

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server.


The web interface for AWStats 6.4 and 6.5, when

metacharacters | statistics | attackers | parameter | arbitrary | interface | execute | AWStats | migrate | enabled | updates | allows | remote | shell | code | web | via |

The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.


The Update functionality in Bitrix Site Manager

functionality | authenticity | information | ultimately | downloaded | attackers | redirects | malicious | arbitrary | poisoning | sensitive | execute | Manager | updates | Update | Bitrix | allows | remote | verify | obtain | which | cache | Site | code | does | user | 41x | not | PHP | DNS | via |

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site.


Secure Elements Class 5 AVR server (aka C5 EVM)

Elements | server | Secure | Class | AVR |

Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients.


Heap-based buffer overflow in the AirPort wirel

Heap-based | overflow | wireless | AirPort | driver | buffer | Apple | Mac |

Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.


Premium Anti-Spam in Ipswitch IMail Secure Serv

Anti-Spam | Ipswitch | Premium | Secure | Server | IMail |

Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from Friday, June 30, 2006 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission.


Pedro Lineu Orso chetcpasswd 2.4.1 and earlier

chetcpasswd | Lineu | Pedro | Orso |

Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.


myprofile.asp in Enthrallweb eCoupons does not

authenticated | myprofileasp | MM_recordId | Enthrallweb | specifying | parameter | account's | username | properly | modified | eCoupons | validate | account | another | certain | updates | profile | remote | during | fields | modify | allows | which | users | does | not |

myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.


myprofile.asp in Enthrallweb eNews does not pro

authenticated | myprofileasp | MM_recordId | Enthrallweb | specifying | parameter | account's | modified | username | validate | properly | account | another | certain | updates | profile | during | fields | remote | allows | modify | eNews | which | users | does | not |

myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.


myprofile.asp in Enthrallweb eClassifieds does

authenticated | eClassifieds | myprofileasp | MM_recordId | Enthrallweb | specifying | parameter | account's | properly | username | modified | validate | account | another | certain | updates | profile | remote | during | fields | modify | allows | which | users | does | not |

myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.


Mozilla Firefox 2.0.0.2 allows remote attackers

Firefox | Mozilla |

Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute when linking to another website, a variant of CVE-2007-1092.


The Java Secure Socket Extension (JSSE) in Sun

Extension | Socket | Secure | Java |

The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.2.2_14, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service (CPU consumption) via certain SSL/TLS handshake requests.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in IDE Group DVD Rental System (DRS) 5.1 before Wednesday, August 01, 2007 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: it is not clear whether IDE Group updates all DRS installations in its role as an application service provider. If so, then this issue should not be included in CVE.


Multiple cross-site request forgery (CSRF) vuln

cross-site | Multiple | forgery | request |

Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental System (DRS) 5.1 before Wednesday, August 01, 2007 allow remote attackers to perform certain actions as arbitrary users, as demonstrated by (1) modifying data or (2) canceling a subscription. NOTE: it is not clear whether IDE Group updates all DRS installations in its role as an application service provider. If so, then this issue should not be included in CVE.


Software vulnerabilities results 1 to 20 of 21     
Page: 12