The host is installed with Apache Tomcat 5.5.0 through 5.5.28 or 6.0.0 through 6.0.20 and is prone to security bypass vulnerability. A flaw is present in the application, which fails handle HTTP requests. Successful exploitation allows remote attackers to bypass intended authentication requirements.
The host is installed with Apache Tomcat 5.5.0 through 5.5.28 or 6.0.0 through 6.0.20 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails handle a directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. Successful exploitation allows remote attackers to delete work-directory files.
The host is installed with OpenOffice.org before 3.2 and is prone to integer overflow vulnerability. A flaw is present in XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx, which fails to properly handle a crafted XPM file. Successful exploitation allows remote attackers to execute arbitrary code.
The host is installed with OpenOffice.org before 3.2 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx, which fails to properly handle a crafted GIF file. Successful exploitation allows remote attackers to execute arbitrary code.
The host is installed with OpenOffice.org before 3.2 and is prone to integer underflow vulnerability. A flaw is present in filter/ww8/ww8par2.cxx, which fails to properly handle a crafted sprmTDefTable table property modifier in a Word document. Successful exploitation allows remote attackers to execute arbitrary code.
The host is installed with OpenOffice.org before 3.2 and is prone to boundary error vulnerability. A flaw is present in filter/ww8/ww8par2.cxx, which fails to properly handle a crafted sprmTDefTable table property modifier in a Word document. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in Cryptographic Message Syntax (CMS) implementation, which does not properly handle structures that contain OriginatorInfo. Successful exploitation allow remote attackers to bypass security restrictions.
The host is installed with OpenSSL and is prone to denial of service vulnerability. A flaw is present in ssl3_get_record function, which fails to handle malformed records in a TLS connections causing a NULL pointer dereference. Successful exploitation allow remote attackers to cause denial of service.
The host is installed with Subversion 1.2.0 before 1.6.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request that contains a lock token. Successful exploitation could allow attackers to crash the service.
The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in EVP_PKEY_verify_recover function, which returns uninitialized buffer instead of an error code when the verification recovery process fails. Successful exploitation allow remote attackers to bypass intended RSA key validation and obtain sensitive information.