Смотрите также связанные темы
23.10.2018 CVE-2008-4728
Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
12.01.2018 CVE-2008-5897
CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb. NOTE: some of these details are obtained from third party information.
21.01.2018 CVE-2008-5925
ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for diary.mdb.
09.04.2018 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA AdaptiveSecurity Appliance and Cisco PIX Security AppliancesAdvisory ID: cisco-sa-20090408-asahttp://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtmlRevision 1.0For Public Release 2009 April 08 1600 UTC (GMT)Summary=======Multiple vulnerabilities exist in the Cisco ASA 5500 Series AdaptiveSecurity Appliances and Cisco PIX Security Appliances. This securityadvisory outlines the details of these vulnerabilities: * VPN Authentication Bypass when Account Override F...
28.04.2018 HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1SUPPORT COMMUNICATION - SECURITY BULLETINDocument ID: c01723303Version: 1HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary CodeNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.Release Date: 2009-04-27Last Updated: 2009-04-27Potential Security Impact: Remote execution of arbitrary codeSource: Hewlett-Packard Company, HP Software Security Response TeamVULNERABILITY SUMMARYA potential vulnerability has been identified with HP OpenView Network Node Man...
22.06.2018 CVE-2009-2169
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
18.08.2018 CVE-2008-3704
Stack-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0 allows remote attackers to execute arbitrary code via a long Mask parameter, as exploited in the wild in August 2008. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14.08.2018 CVE-2008-3699
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
14.08.2018 CVE-2008-3683
Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.
15.08.2018 Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
An ActiveX control (atucfobj.dll) that is used by the Cisco WebEx Meeting Manager contains a buffer overflow vulnerability that may result in a denial of service or remote code execution.
|
