[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 10687 Download | Alert*

The host is installed with Novell File Reporter 1.0.4.2 or earlier and is prone to arbitrary files deletion vulnerability. A flaw is present in the application which is caused due to an error in the NFR Agent (NFRAgent.exe) when handling "OPERATION " and "CMD" commands in the "SRS" tag. Successful exploitation allows remote attacker to delete arbitrary files.

The host is installed with Novell File Reporter before 1.0.2.53 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application when parsing tags inside the <RECORD> element, the application lacks a size check before pushing strings to a memory. Successful exploitation allows remote attacker to execute arbitrary code on the target system.

The host is installed with Novell File Reporter 1.0.2 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle requests on "/FSF/CMD" for records with NAME "FSFUI" and UICMD "130". Successful exploitation allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

The host is installed with Novell File Reporter 1.0.2 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to handle requests on "/FSF/CMD" for records with NAME "FSFUI" and UICMD "126". Successful exploitation allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

The host is installed with Novell File Reporter 1.0.2 and is prone to absolute path traversal vulnerability. A flaw is present in the application, which fails to handle requests on "/FSF/CMD" for records with NAME "SRS", OPERATION "4" and CMD "103". Successful exploitation allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record ...

The host is installed with Novell File Reporter 1.0.2 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to generate a response in a secure way when handling requests of name "SRS". Successful exploitation allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.

The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.


Pages:      Start    1049    1050    1051    1052    1053    1054    1055    1056    1057    1058    1059    1060    1061    1062    ..   1068

© 2013 SecPod Technologies