[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 7346 Download | Alert*

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "\\\%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "\\\%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "\\\%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "\\\%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.

Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.

The host is installed with Microsoft Publisher 2003 and is prone to negative value allocation vulnerability. A flaw is present in the application, which fails to properly validate an array size while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to corrupt interface pointer vulnerability. A flaw is present in the application, which incorrectly uses a corrupted pointer while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with Microsoft Publisher 2003 and is prone to return value validation vulnerability. A flaw is present in the application, which fails to properly validate a returned value type while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.


Pages:      Start    635    636    637    638    639    640    641    642    643    644    645    646    647    648    ..   734

© SecPod Technologies