[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15028 Download | Alert*

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

The host is installed with Apple QuickTime 6.x or 7.x before 7.6.8 and is prone to remote code execution vulnerability. The flaw is present in IPersistPropertyBag2::Read function in QTPlugin.ocx, which fails to properly handle the _Marshaled_pUnk attribute. Successful exploitation allows attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshaling of an untrus ...

The host is installed with .NET Framework 2.0, 3.5, 3.5.1, 4.0 or 4.5 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to check signatures in XML file. Successful exploitation allows attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity.

The host is installed with IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 and is prone to an information disclosure vulnerability. A flaw is present in the web administration tool, which fails to restrict access to certain log files. Successful exploitation could allow an attacker to disclose sensitive information.

The host is installed with Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10 or Symantec System Center (SSC) 10.x or Symantec Quarantine Server 3.5 or 3.6 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to sanitize user supplied input to 38292 port. Successful exploitation could allow an attacker to execute arbitrary code.

The host is installed with Apple Safari before 3.1 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly handle crafted certificates. Successful exploitation allows remote attackers to spoof trusted SSL certificates.

The host is installed with Apple Safari before 3.2.2 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly handle a 3xx HTTP CONNECT response before a successful SSL handshake. Successful exploitation could allow attackers to execute arbitrary web script.

The host is installed with Progea Movicon 11.2 before Build 1084 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to enforce authentication for critical functions. Successful exploitation could allow attackers to obtain sensitive information, delete files, execute arbitrary programs, or crash the service.

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.


Pages:      Start    1488    1489    1490    1491    1492    1493    1494    1495    1496    1497    1498    1499    1500    1501    ..   1502

© SecPod Technologies