The host is installed with Serv-U FTP Server before 11.1.0.5 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to properly validate the given input. Successful exploitation allows remote attackers to disclose potentially sensitive information and manipulate certain data.
The host is installed with zFTPServer Suite 6.0.0.52 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a a crafted RMD (aka rmdir) command. Successful exploitation could allow attackers to to delete arbitrary directories.
The host is installed with the VMware Workstation 11.x before 11.1.2 or VMware Player 7.x before 7.1.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption).
The host is installed with VMware Workstation 5.5.4, 6.0.2, VMware Player 1.0.4 or 2.0.2 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a crafted VMCI calls that trigger memory. Successful exploitation allows attackers to allows guest OS users to read and write arbitrary files on the host OS string that produces a wide character str ...
The host is installed with VMware Workstation 10.x before 10.0.7, 11.x before 11.1.1, VMware Player 6.x before 6.0.7 or 7.x before 7.1.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails handle a thread injection, Successful exploitation allows host OS users to gain host OS privileges.
The host is installed with Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 and is prone to absolute path traversal vulnerability. A flaw is present in the application, which fails to properly handle ActiveX control in almaxcx.dll in the graphical user interface. Successful exploitation allows remote attackers to overwrite arbitrary files via the Save method.
The host is installed with WellinTech KingView 6.53 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to properly handle a crafted HTTP request. Successful exploitation allows remote attackers to read arbitrary files.
The host is installed with Winlog Lite SCADA or WinLog Pro SCADA before 2.07.17 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a packet specifying a file-open operation with a crafted opcode. Successful exploitation could allow attackers to read arbitrary files.
Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."