vulnerable software vulnerabilities
vulnerabilities.aspcode.net
Searching vulnerable software vulnerabilities
Several startup scripts in SCO OpenServer Enter
Enterprise
|
OpenServer
|
vulnerable
|
S84rpcinit
|
including
|
allowing
|
Several
|
startup
|
scripts
|
symlink
|
access
|
attack
|
S89nfs
|
System
|
S95nis
|
S85tcp
|
local
|
gain
|
root
|
504p
|
user
|
SCO
|
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
XFree86 xfs command is vulnerable to a symlink
directories
|
vulnerable
|
restricted
|
privileges
|
possibly
|
allowing
|
service
|
XFree86
|
symlink
|
command
|
denial
|
attack
|
create
|
local
|
cause
|
files
|
users
|
them
|
gain
|
xfs
|
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP se
Computalynx
|
vulnerable
|
arbitrary
|
attacker
|
overflow
|
execute
|
command
|
servers
|
remote
|
server
|
buffer
|
attack
|
CMail
|
allow
|
code
|
SMTP
|
MAIL
|
SP2
|
may
|
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.
The -ftrapv compiler option in gcc and g++ 3.3.
compiler
|
-ftrapv
|
option
|
g++
|
gcc
|
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
eEye SecureIIS versions 1.0.3 and earlier allow
SecureIIS
|
versions
|
eEye
|
eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.
Internet Explorer 5.5 and 6 with the Q312461 (M
Explorer
|
Internet
|
Q312461
|
Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients.
Windows File Protection (WFP) in Windows 2000 a
Protection
|
Windows
|
File
|
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Apple Safari allows remote attackers to bypass
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
access
|
allows
|
Safari
|
bypass
|
remote
|
cookie
|
Apple
|
via
|
web
|
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Opera allows remote attackers to bypass intende
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
access
|
cookie
|
allows
|
remote
|
bypass
|
Opera
|
via
|
web
|
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Mozilla allows remote attackers to bypass inten
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
Mozilla
|
access
|
allows
|
remote
|
cookie
|
bypass
|
via
|
web
|
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Microsoft Baseline Security Analyzer (MBSA) 1.2
Microsoft
|
Analyzer
|
Security
|
Baseline
|
Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.
The default configuration of BEA WebLogic Serve
configuration
|
information
|
cross-site
|
attackers
|
responds
|
WebLogic
|
request
|
tracing
|
default
|
through
|
earlier
|
Express
|
remote
|
Server
|
using
|
allow
|
which
|
TRACE
|
steal
|
SP13
|
HTTP
|
SP2
|
BEA
|
SP6
|
SP4
|
can
|
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Adventia Chat 3.1 and Server Pro 3.0 allows rem
cross-site
|
vulnerable
|
arbitrary
|
attackers
|
scripting
|
Adventia
|
leaves
|
script
|
remote
|
allows
|
inject
|
Server
|
other
|
users
|
which
|
space
|
Chat
|
HTML
|
into
|
web
|
Pro
|
Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting (XSS) attacks.
Mac OS X 10.3.9 and earlier allows users to ins
Mac
|
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
The sql_escape_string function in auth/sql.c fo
sql_escape_string
|
authentication
|
mailutils
|
auth/sqlc
|
function
|
properly
|
module
|
quote
|
does
|
"\"
|
not
|
SQL
|
The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.
SafeHTML before 1.3.5 does not properly filter
SafeHTML
|
before
|
SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML.
The CodeSupport.ocx ActiveX control, as used by
IsAdministrator
|
CodeSupportocx
|
First4Internet
|
RebootMachine
|
ExecuteCode
|
vulnerable
|
scripting"
|
arbitrary
|
attackers
|
uninstall
|
functions
|
ActiveX
|
execute
|
control
|
enabled
|
calling
|
allows
|
remote
|
"safe
|
which
|
Sony
|
such
|
code
|
used
|
XCP
|
has
|
DRM
|
The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has "safe for scripting" enabled, which allows remote attackers to execute arbitrary code by calling vulnerable functions such as RebootMachine, IsAdministrator, and ExecuteCode.
SQL injection vulnerability in pages.asp in Min
vulnerability
|
injection
|
Mini-Nuke
|
pagesasp
|
System
|
CMS
|
SQL
|
SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.
PHP remote file inclusion vulnerability in arch
vulnerability
|
archivephp
|
Fantastic
|
inclusion
|
remote
|
News
|
file
|
PHP
|
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.
SQL injection vulnerability in search.php in Pu
vulnerability
|
searchphp
|
injection
|
before
|
PunBB
|
SQL
|
SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized.
Software vulnerabilities results 1 to 20 of 49
Page:
1
2
3
►