[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15028 Download | Alert*

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scrip ...

The host is installed with Quest Toad for Data Analysts 3.0.1 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to set proper permissions on the %COMMONPROGRAMFILES%\Quest Shared directory. Successful exploitation could allow local users to gain privileges.

The host is installed with Qbik WinGate 6.x through 6.5.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the HTTP Host header. Successful exploitation could allow remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites.

The host is installed with Microsoft Windows XP or 2K3 and is prone to a BIOS read only memory corruption vulnerability. A flaw is present in the application, which fails to properly implement port-based I/O operations. Successful exploitation could allow attackers to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.

The host is installed with Symantec LiveUpdate Administrator before 2.3.1 and is prone to privilege-escalation vulnerability. A flaw is present in the application, which uses weak permissions for the installation directory. Successful exploitation allows local users to gain privileges via a Trojan horse file.

The host is installed with PrivaWall Antivirus before 5.6 Build 2354 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted file embedded in a WordML document. Successful exploitation could allow attackers to bypass malware detection.

The host is installed with WellinTech KingSCADA 3.0 and is prone to information disclosure vulnerability. A flaw is present in the application, which uses a cleartext base64 format for storage of passwords in user.db. Successful exploitation allows context-dependent attackers to obtain sensitive information by reading this file.

The host is installed with Microsoft SharePoint Foundation 2010 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly validate user input. Successful exploitation allows attackers to read unauthorized content.

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."


Pages:      Start    1388    1389    1390    1391    1392    1393    1394    1395    1396    1397    1398    1399    1400    1401    ..   1502

© SecPod Technologies