Home arrow Search
Search Keyword exploitation
Total 50 results found.

Results 1 - 50 of 50
...Adobe AIR. This vulnerability can be triggered if an Adobe AIR application loads data from an untrusted source. Exploitation of this vulnerability may allow a remote attacker to execute JavaScript cod...

US-CERT is aware of public reports of active exploitation of a recent Adobe Reader vulnerability. This exploit appears to arrive in the form of a maliciously crafted PDF file and leverages the JavaScr

...visory indicating it has updated the ESX packages to address vulnerabilities in libxml2, ucd-snmp, and libtiff. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, s...

...ies. These bulletins address heap-based buffer overflow vulnerabilities in the processing of WMF and EMF files. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.US...

...n the Windows Server Service. This vulnerability is due to improper handling of specially crafted RPC requests. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

...n the Windows Server Service. This vulnerability is due to improper handling of specially crafted RPC requests. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

...ess a vulnerability that affects a number of their products. This vulnerability is due to improper RPM parsing. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.US-CE...

...era version 9.60 to address two vulnerabilities. The first vulnerability is due to improper validation of URLs. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or ca...

...ss multiple vulnerabilities. These vulnerabilities affect VMware hosted products, VirtualCenter, ESX, and ESXi. Exploitation of these vulnerabilities may allow an attacker to operate with escalated pr...

...vulnerability is due to flaws in the "gdiplus.dll" library included with the affected versions of the software. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.US-CE...

... overflow conditions and unsafe method calls within an ActiveX control that is part of the scheduler component. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

...ulnerability is due to several buffer overflow conditions in the handling of HTTP basic authentication headers. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execu...

...when receiving unsolicited or suspicious files. Adobe also states that they are currently unaware of any public exploitation of these vulnerabilities. US-CERT will provide more information as it becom...

... to address a vulnerability. This vulnerability is due to the way TWiki processes the "image" variable in URLs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execu...

... to address a vulnerability. This vulnerability is due to the way TWiki processes the "image" variable in URLs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execu...

... to address a vulnerability. This vulnerability is due to the way TWiki processes the "image" variable in URLs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execu...

...security updates to address multiple vulnerabilities in iTunes, QuickTime, iPod touch, and Bonjour for Windows. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, c...

...security updates to address multiple vulnerabilities in iTunes, QuickTime, iPod touch, and Bonjour for Windows. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, c...

...h :% a default configuration that allows files to be downloaded to the desktop without prompting the user first Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or...

...a default configuration that allows files to be downloaded to the desktop without prompting the user first/li/olExploitation of these vulnerabilities may allow an attacker to execute arbitrary code or...

...erabilities may allow an attacker to reset a user's password and possibly predict the newly generated password. Exploitation of these vulnerabilities could permit an attacker to gain access to a syste...

...erabilities may allow an attacker to reset a user's password and possibly predict the newly generated password. Exploitation of these vulnerabilities could permit an attacker to gain access to a syste...

...on in the handling of ODBC requests from clients. Exploit code for this vulnerability is publicly available and exploitation may allow an attacker to execute arbitrary code.US-CERT encourages users to...

...on in the handling of ODBC requests from clients. Exploit code for this vulnerability is publicly available and exploitation may allow an attacker to execute arbitrary code.brbrUS-CERT encourages user...

... control (ienipp.ocx) multiple buffer overflow conditions within nipplib.dll an insecure "GetFileList()" method Exploitation of this vulnerability may allow an attacker to execute arbitrary code or ob...

..., which may allow non-validating tokens to be forged, is due to a flaw in the reset token validation mechanism. Exploitation of this vulnerability may allow an unauthenticated attacker to reset the pa...

Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the

... is aware of publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. Exploitation of this vulnerability may allow an attacker to cause a nameserver's clients...

Mozilla has released Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

Mozilla has released Firefox 2.0.0.16 to address two vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition

...h v2.0 to address multiple vulnerabilities. These vulnerabilities affect CFNetwork, Kernel, Safari, and WebKit. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, o...

...nerability is due to improper handling of malformed data in the Computer Telephony Integration Manager service. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service co...

... attacker may be able to access non-domain-specific elements from a web page that exists in a different domain. Exploitation of this vulnerability could allow an attacker to capture keystrokes or perf...

...y code or cause a denial-of-service condition. The Security Bulletin also indicates there are reports of active exploitation.US-CERT encourages users to review Adobe Security Bulletin APSB08-15 and ap...

...or in the handling of Jumbo Ethernet frames received on a Gigabit network interface configured for inline mode. Exploitation of this vulnerability may allow a remote attacker to trigger a kernel panic...

...s due to an error in the way the authenticator field handles shortened hash message authentication code (HMAC). Exploitation of this vulnerability may allow an attacker to read and modify any SNMP obj...

...raphic keys. As a result of the vulnerability, the keys generated using the flawed OpenSSL package may be weak. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to co...

...rlier. This vulnerability is due to a buffer overflow condition in the handling of specially-crafted CDF files. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.US-CE...

...s affecting HP Software Update. These vulnerabilities are due to insecure methods in multiple ActiveX controls. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary c...

40. ICQ Vulnerability
(News/CERT)
...ndition in the "Personal Status Manager" feature that occurs when processing specially crafted status messages. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

... JavaScript engine. This vulnerability is due to memory corruption errors during JavaScript garbage collection. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

...in libclamav/spin.c. There are two additional vulnerabilities due to improper handling of ARJ and RAR archives. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to ex...

US-CERT has seen public reports of an exploit targeting vulnerabilities in GDI. These vulnerabilities are due to buffer overflow conditions that exist in the processing of EMF and WMF image files. By

...lity is due to improper handling of  multiple properties of the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execu...

...ility in eDirectory. This vulnerability is caused by improper handling of large LDAP Extended Request messages. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code...

...s in Kerberos 5. These vulnerabilities affect krb4-enabled KDC servers and the GSS RPC library used by kadmind. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary c...

...his vulnerability is due to a boundary error within the "AddColumn()" method in the "ListCtrl" ActiveX control. Exploitation of this vulnerability may allow a remote attacker to cause a stack-based bu...

...ies in multiple F-Secure products. These vulnerabilities are caused by improper handling of malformed archives. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or...

...lnerabilities are due to buffer overflow conditions and improper sanitization of input passed to CSuserCGI.exe. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to ex...

...ability is due to improper handling of the "Console" property in the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this vulnerability may allow a remote, unauthenticated attacker to ...

<< Start < Prev 1 Next > End >>