[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252588

 
 

909

 
 

196930

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31447 Download | Alert*

Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."

Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.

The host is installed with IBM Tivoli Endpoint Manager (TEM) 8.0 before 8.2.1372 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly sanitize user-supplied input. Successful exploitation allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

The host is installed with Microsoft Infopath 2010, SharePoint Server 2010, SharePoint Foundation 2010, Office Web Apps 2010 or Groove Server 2010 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which is caused by the way that HTML strings are sanitized. Successful exploitation allows attackers to perform cross-site scripting attacks on affected systems ...

The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to properly handle "\\" when specifying a configuration file directory. Successful exploitation could allow an attacker to specify an arbitrary configuration file located on an SMB share.

The host is installed with AWStats and is prone to remote command execution vulnerability. A flaw is present in the application, which fails to avoid accepting a configdir parameter in the URL. Successful exploitation could allow remote attackers to execute arbitrary commands.

The host is installed with Symantec IM Manager and is prone to code injection vulnerability. A flaw is present in administrative interface which fails to properly validate user input. Successful exploitation could allow remote attacker to potentially run arbitrary code leading to possible compromise of the Symantec IM Manager application.

The host is installed with Microsoft Publisher 2003 and is prone to incorrect NULL value handling vulnerability. A flaw is present in the application, which fails to properly handle NULL values while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.

The host is installed with IBM Rational ClearQuest 7.1.x before 7.1.2.10 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation allows remote attackers to inject arbitrary web script or HTML.

The host is installed with Splunk 4.3.0 through 4.3.5 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle maliciously crafted link. Successful exploitation allows attackers to inject arbitrary web script or HTML via unspecified vectors.


Pages:      Start    3080    3081    3082    3083    3084    3085    3086    3087    3088    3089    3090    3091    3092    3093    ..   3144

© SecPod Technologies