virtual software vulnerabilities
vulnerabilities.aspcode.net
Searching virtual software vulnerabilities
Cisco Catalyst 2900 Virtual LAN (VLAN) switches
Catalyst
|
Cisco
|
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.
Frontpage Server Extensions allows remote attac
Extensions
|
/_vti_bin/
|
determine
|
anonymous
|
directory
|
attackers
|
Frontpage
|
shtmldll
|
virtual
|
request
|
account
|
allows
|
Server
|
remote
|
name
|
POST
|
via
|
RPC
|
Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
Frontpage Server Extensions allows remote attac
Extensions
|
htimageexe
|
attackers
|
determine
|
directory
|
Frontpage
|
physical
|
virtual
|
request
|
program
|
remote
|
allows
|
Server
|
path
|
CGI
|
GET
|
via
|
Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
Microsoft Java Virtual Machine allows remote at
getSystemResourceAsStream
|
attackers
|
Microsoft
|
function
|
Virtual
|
Machine
|
allows
|
remote
|
files
|
Java
|
read
|
via
|
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
The web GUI for the Linux Virtual Server (LVS)
Virtual
|
Server
|
Linux
|
web
|
GUI
|
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
AmTote International homebet program stores the
International
|
homebetlog
|
directory
|
attackers
|
homebet/
|
virtual
|
account
|
numbers
|
program
|
homebet
|
remote
|
AmTote
|
stores
|
allows
|
steal
|
which
|
file
|
PIN
|
AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers.
Directory traversal vulnerability in thttpd, wh
vulnerability
|
arbitrary
|
attackers
|
traversal
|
Directory
|
hosting
|
virtual
|
thttpd
|
remote
|
allows
|
files
|
using
|
read
|
via
|
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
Unknown vulnerability in Sun Java Runtime Envir
vulnerability
|
Environment
|
Runtime
|
Unknown
|
Java
|
Sun
|
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).
Easy File Sharing (EFS) Webserver 1.25 allows r
Sharing
|
File
|
Easy
|
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder.
Linux-VServer 1.24 allows local users with root
Linux-VServer
|
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
Linux VServer 1.27 and earlier, 1.3.9 and earli
VServer
|
Linux
|
Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server.
SQL injection vulnerability in admin_login.asp
admin_loginasp
|
vulnerability
|
arbitrary
|
attackers
|
injection
|
parameter
|
commands
|
password
|
execute
|
Virtual
|
Manager
|
allows
|
remote
|
News
|
SQL
|
ASP
|
via
|
SQL injection vulnerability in admin_login.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter.
nquser.php in Virtual Edge Netquery 3.11 allows
nquserphp
|
Netquery
|
Virtual
|
Edge
|
nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query.
Unspecified vulnerability in PHP before 4.4.1,
vulnerability
|
Unspecified
|
before
|
PHP
|
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
Hosting Controller 6.1 before Hotfix 3.3 allows
Controller
|
attackers
|
Hosting
|
remote
|
allows
|
before
|
Hotfix
|
Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp.
Heap-based buffer overflow in Microsoft Virtual
Heap-based
|
Microsoft
|
overflow
|
Virtual
|
buffer
|
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."
QEMU 0.8.2 allows local users to halt a virtual
QEMU
|
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.
The virtual machine process (VMX) in VMware Wor
process
|
machine
|
virtual
|
The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.
Session fixation vulnerability in Virtual Hosti
vulnerability
|
fixation
|
Hosting
|
Control
|
Session
|
Virtual
|
System
|
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Opera before 9.23 allows remote attackers to ex
before
|
Opera
|
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
Software vulnerabilities results 1 to 20 of 129
Page:
1
2
3
4
5
...
7
►