|Paid content will be excluded from the download.
| Matches : 6919
|The host is installed with Winamp before 5.55 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a large Common Chunk (COMM) header value in an AIFF file and a large invalid value in an MP3 file. Successful exploitation allows attackers to execute arbitrary code.
The host is installed with Opera before 9.62.10467.0 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long file:// URI. NOTE. Successful exploitation allows remote attackers to execute arbitrary code.
Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP SP2 and Server 2003 SP1 and SP2, allows remote attackers to execute arbitrary code via crafted image files that trigger memory corruption, as demonstrated by a certain .tif (TIFF) file.
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response.
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
The host is installed with Adobe Flash Player before 220.127.116.11, 14.x or 15.x before 18.104.22.168 or Adobe AIR before 22.214.171.1243 and is prone to a arbitrary code execution vulnerability. A flaw is present in the applications, which fail to properly handle unspecified vectors. Successful exploitation allows attackers to execute arbitrary code.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   691
© 2013 SecPod Technologies