[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 14298 Download | Alert*

The host is installed with Qbik WinGate 6.x through 6.5.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the HTTP Host header. Successful exploitation could allow remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites.

The host is installed with Microsoft Windows XP or 2K3 and is prone to a BIOS read only memory corruption vulnerability. A flaw is present in the application, which fails to properly implement port-based I/O operations. Successful exploitation could allow attackers to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.

The host is installed with Symantec LiveUpdate Administrator before 2.3.1 and is prone to privilege-escalation vulnerability. A flaw is present in the application, which uses weak permissions for the installation directory. Successful exploitation allows local users to gain privileges via a Trojan horse file.

The host is installed with PrivaWall Antivirus before 5.6 Build 2354 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted file embedded in a WordML document. Successful exploitation could allow attackers to bypass malware detection.

The host is installed with WellinTech KingSCADA 3.0 and is prone to information disclosure vulnerability. A flaw is present in the application, which uses a cleartext base64 format for storage of passwords in user.db. Successful exploitation allows context-dependent attackers to obtain sensitive information by reading this file.

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.

Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache service ...

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."


Pages:      Start    1311    1312    1313    1314    1315    1316    1317    1318    1319    1320    1321    1322    1323    1324    ..   1429

© SecPod Technologies