| | CVE # | CVE Description | SAINT®® Tutorial | SAINT®® Vuln. ID | SANS Top 20 |
 | CVE | Apache Tomcat through processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception. | MacOSX vulnerabilities
Apache Tomcat vulnerabilities
| misc_macosx_version
web_dev_tomcatver | |
| CVE | mod_proxy_ftp in Apache x before dev, x before dev, and x before dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. | MacOSX vulnerabilities
Apache vulnerabilities
| misc_macosx_version
web_server_apache_version | |
| CVE | Buffer overflow in (1) www.cronistalascolonias.com.ar Xserver before , and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table. | MacOSX vulnerabilities
X11 vulnerabilities
| misc_macosx_version
misc_x11 | |
| CVE | Microsoft DirectX through c, and DirectX on Microsoft XP SP2 and SP3, Server SP1 and SP2, Vista Gold and SP1, and Server , does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability." | Windows updates needed
| win_patch_directxrce | |
| CVE | Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in www.cronistalascolonias.com.ar in DirectShow, in Microsoft Windows SP4, XP SP2 and SP3, Server SP2, Vista Gold, SP1, and SP2, and Server Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July , aka "Microsoft Video ActiveX Control Vulnerability." | Windows updates needed
Microsoft outlook vulnerabilities
| win_patch_atl
win_patch_dhtmlatl
win_patch_msoutlook
win_patch_videoax
win_patch_wmpatl | |
| CVE | Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before and SeaMonkey before allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link. | Mozilla vulnerabilities
| web_client_firefox
web_client_seamonkey | |
| CVE | The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before , Firefox 2.x before , and SeaMonkey 1.x before does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted header, which triggers memory corruption and a buffer overflow. | Mozilla vulnerabilities
| web_client_firefox
web_client_seamonkey | |
| CVE | Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in www.cronistalascolonias.com.ar in DirectShow, in Microsoft Windows SP4, XP SP2 and SP3, Server SP2, Vista Gold, SP1, and SP2, and Server Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE | Windows updates needed
Microsoft outlook vulnerabilities
| win_patch_atl
win_patch_dhtmlatl
win_patch_msoutlook
win_patch_wmpatl | |
| CVE | This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Visual Studio vulnerabilities
| misc_vstudiovbaxbo | |
| CVE | Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (www.cronistalascolonias.com.ar) in Cisco Unified Communications Manager (CUCM) before (3)SR3 and before (1)SR1, and CallManager and before (3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. | Cisco voice products
| net_cisco_ctlprovider | |
| CVE | Unspecified vulnerability in Apple QuickTime before allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption. | QuickTime vulnerabilities
| misc_quicktime | |
| CVE | Apple QuickTime before allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption. | QuickTime vulnerabilities
| misc_quicktime | |
| CVE | Unspecified vulnerability in Apple QuickTime before allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. | QuickTime vulnerabilities
| misc_quicktime | |
| CVE | Unspecified vulnerability in Foundation, as used in Apple iPhone through , iPod touch through , and Mac OS X through , allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Buffer overflow in Apple QuickTime before allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding. | QuickTime vulnerabilities
| misc_quicktime | |
| CVE | X11 in Apple Mac OS X through does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access restrictions and connect to the X server. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Launch Services in Apple Mac OS X through allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Unspecified vulnerability in Mail in Apple Mac OS X allows remote attackers to execute arbitrary commands via a crafted file:// URL. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Unspecified vulnerability in NFS in Apple Mac OS X through allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Parental Controls in Apple Mac OS X through contacts www.cronistalascolonias.com.ar "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Argument injection vulnerability in www.cronistalascolonias.com.ar in Terminal in Apple Mac OS X and through allows remote attackers to execute arbitrary code via unspecified URL schemes. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Format string vulnerability in Apple iPhoto before allows remote attackers to execute arbitrary code via photocast subscriptions. | MacOSX vulnerabilities
| misc_macosx_app_iphoto | |
| CVE | Multiple buffer overflows in AFP Client in Apple Mac OS X and allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Unspecified vulnerability in AFP Server in Apple Mac OS X allows remote attackers to bypass cross-realm authentication via unknown manipulations of Kerberos principal realm names. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | The Application Firewall in Apple Mac OS X has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Heap-based buffer overflow in the cgiCompileSearch function in CUPS , and other versions including the version bundled with Apple Mac OS X , when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | MacOSX vulnerabilities
CUPS vulnerabilities
| misc_macosx_version
printer_cupsversion | |
| CVE | Stack-based buffer overflow in AppKit in Apple Mac OS X allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | AppKit in Apple Mac OS X inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | CFNetwork in Apple Mac OS X allows remote HTTPS proxy servers to spoof secure websites via data in a Bad Gateway error. | MacOSX vulnerabilities
Safari vulnerabilities
| misc_macosx_version
web_client_safari | |
| CVE | Integer overflow in CoreFoundation in Apple Mac OS X might allow local users to execute arbitrary code via crafted time zone data. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | CoreServices in Apple Mac OS X treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | MacOSX vulnerabilities
CUPS vulnerabilities
| misc_macosx_version
printer_cupsversion | |
| CVE | Foundation in Apple Mac OS X might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Foundation in Apple Mac OS X creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Stack-based buffer overflow in Foundation in Apple Mac OS X allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X allows remote attackers to execute arbitrary code via a crafted serialized property list. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Race condition in NSXML in Foundation for Apple Mac OS X allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Help Viewer in Apple Mac OS X and allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. | Kerberos detected
MacOSX vulnerabilities
| misc_kerberospkg
misc_macosx_version | |
| CVE | The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | Kerberos detected
MacOSX vulnerabilities
| misc_kerberospkg
misc_macosx_version | |
| CVE | Multiple stack-based buffer overflows in in_www.cronistalascolonias.com.ar in Winamp , , and allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles. | Winamp vulnerabilities
| misc_winamp | |
| CVE | Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) , , and allow remote attackers to execute arbitrary code via (1) long string parameters to the www.cronistalascolonias.com.ar CGI program; (2) a long string parameter to the www.cronistalascolonias.com.ar CGI program, related to www.cronistalascolonias.com.ar; or a long string parameter to the (3) www.cronistalascolonias.com.ar, (4) www.cronistalascolonias.com.ar, or (5) www.cronistalascolonias.com.ar CGI program. | HP Openview vulnerabilities
| net_ovtoolbar | |
| CVE | Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field. | GNOME Evolution vulnerabilities
| mail_client_evolution | |
| CVE | Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. | VLC vulnerabilities
| misc_vlc | |
| CVE | Unspecified vulnerability in Microsoft Internet Information Services (IIS) through allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. | IIS vulnerabilities
| win_patch_iisservices | |
| CVE | Unspecified vulnerability in Microsoft Internet Information Services (IIS) through allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. | http IIS access
| web_server_iis_asp | |
| CVE | Unspecified vulnerability in Microsoft Internet Explorer , 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." | Internet Explorer vulnerabilities
| win_patch_ie_v5
win_patch_ie_v6
win_patch_ie_v7 | |
| CVE | Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." | Internet Explorer vulnerabilities
| win_patch_ie_v6
win_patch_ie_v7 | |
| CVE | Unspecified vulnerability in an ActiveX control (www.cronistalascolonias.com.ar) in Microsoft Internet Explorer , 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." | Internet Explorer vulnerabilities
| win_patch_ie_v5
win_patch_ie_v6
win_patch_ie_v7 | |
| CVE | Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | Windows updates needed
| win_patch_webdavmr | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3 through SP2, Viewer , and Office for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excel
win_patch_excelview
win_patch_excelxp
win_patch_officemacver | |
| CVE | An ActiveX control (www.cronistalascolonias.com.armation.1) in Windows Messenger and is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. | Windows updates needed
| win_patch_msguiauto | |
| CVE | The (1) VBScript (www.cronistalascolonias.com.ar) and (2) JScript (www.cronistalascolonias.com.ar) scripting engines and , as used in Microsoft Windows SP4, XP SP2, and Server SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors. | Internet Explorer vulnerabilities
| win_patch_scriptdecode | |
| CVE | Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet. | Windows updates needed
| win_patch_vistadhcp | |
| CVE | SQL Server SP4, SP4, SP1 and SP2, Desktop Engine (MSDE ) SP4, Express Edition SP1 and SP2, and Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse. | Microsoft SQL Server
| database_mssql_mssql | |
| CVE | Buffer overflow in the convert function in Microsoft SQL Server SP4, Desktop Engine (MSDE ) SP4, and Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | Microsoft SQL Server
| database_mssql_mssql | |
| CVE | The DNS client in Microsoft Windows SP4, XP SP2, Server SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses. | Windows updates needed
| win_patch_dnsspoof | |
| CVE | Unspecified vulnerability in Active Directory on Microsoft Windows and Windows Server , and Active Directory Application Mode (ADAM) on XP and Server , allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request. | Active Directory vulnerability
| win_patch_activedirdos2
win_patch_adamdos | |
| CVE | The SIP channel driver in Asterisk Open Source x before , Business Edition before Cbeta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk revision , and Appliance si x before allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. | Asterisk vulnerabilities
| net_asterisk | |
| CVE | Unspecified vulnerability in Microsoft Office Publisher , , and SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability." | Microsoft Office vulnerabilities
| win_patch_officepubver | |
| CVE | Unspecified vulnerability in Microsoft Office SP3, Office XP SP3, Office SP2, and Office for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability." | Microsoft VBA vulnerabilities
| win_patch_vbaofficeace | |
| CVE | Unspecified vulnerability in Microsoft Office Publisher , , and SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." | Microsoft Office vulnerabilities
| win_patch_officepubver | |
| CVE | Microsoft Works 6 File Converter, as used in Office SP2 and SP3, Works , and Works Suite , allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | Microsoft Works vulnerabilities
| win_patch_worksconverterace | |
| CVE | Buffer overflow in Microsoft SQL Server SP1 and SP2, and Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | Microsoft SQL Server
| database_mssql_mssql | |
| CVE | Integer underflow in SQL Server SP4, SP4, SP1 and SP2, Desktop Engine (MSDE ) SP4, Express Edition SP1 and SP2, and Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability." | Microsoft SQL Server
| database_mssql_mssql | |
| CVE | Stack-based buffer overflow in wkcvqddll in Microsoft Works 6 File Converter, as used in Office SP2 and SP3, Works , and Works Suite , allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | Microsoft Works vulnerabilities
| win_patch_worksconverterace | |
| CVE | Word in Microsoft Office SP3, XP SP3, Office SP2, and Office Word Viewer allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. | Microsoft Office vulnerabilities
| win_patch_word
win_patch_word
win_patch_wordview | |
| CVE | Unspecified vulnerability in Microsoft Outlook in Office SP3, XP SP3, SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. | Outlook and Outlook Express
| mail_client_outlook
mail_client_outlook
mail_client_outlook
mail_client_outlook | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3 through , Viewer , Compatibility Pack, and Office for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excel
win_patch_excel
win_patch_excelcpack
win_patch_excelview
win_patch_excelxp
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3, and Office for Mac and allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability." | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_officemacver
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Office Excel Viewer up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability." | Microsoft Office vulnerabilities
| win_patch_office
win_patch_office
win_patch_office
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3 through SP2, Viewer , and Office for Mac allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excel
win_patch_excelview
win_patch_excelxp
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3 through , Viewer , Compatibility Pack, and Office for Mac allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability." | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excel
win_patch_excel
win_patch_excelcpack
win_patch_excelview
win_patch_excelxp
win_patch_officemacver | |
| CVE | Microsoft Excel SP3 through SP2, Viewer , Compatibility Pack, and Office and for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excel
win_patch_excelcpack
win_patch_excelview
win_patch_excelxp
win_patch_officemacver
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Excel SP3 and SP2, and Office and for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability." | Microsoft Office vulnerabilities
| win_patch_excel
win_patch_excelxp
win_patch_officemacver
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Office SP3, XP SP3, SP2, Excel Viewer up to SP3, and Office for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability." | Microsoft Office vulnerabilities
| win_patch_office
win_patch_office
win_patch_office
win_patch_officemacver | |
| CVE | Unspecified vulnerability in Microsoft Publisher in Office and XP SP3, SP2 and SP3, and SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability." | Microsoft Office vulnerabilities
| win_patch_officepubver | |
| CVE | Integer overflow in Microsoft PowerPoint Viewer allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability." | Microsoft Office vulnerabilities
| win_patch_pptview | |
| CVE | A "memory calculation error" in Microsoft PowerPoint Viewer allows remote attackers to execute arbitrary code via a PowerPoint file with an invalid picture index that triggers memory corruption, aka "Memory Calculation Vulnerability." | Microsoft Office vulnerabilities
| win_patch_pptview | |
| CVE | Off-by-one error in the inet_network function in libbind in ISC BIND and earlier, as used in libc in FreeBSD through PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. | DNS vulnerabilities
| dns_bindver | |
| CVE | Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Settings, which is presented to readers of articles; or (2) a file upload, as demonstrated by a .htm, .html, or .js file. | Serendipity vulnerabilities
| web_prog_php_serendipity | |
| CVE | The administration interface in McAfee E-Business Server and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet. | McAfee eBusiness Server
| misc_mcebus | |
| CVE | The SingleSignOn Valve (www.cronistalascolonias.com.arSignOn) in Apache Tomcat before does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | Apache Tomcat vulnerabilities
| web_dev_tomcatver | |
| CVE | OpenSSL c-1 up to versions before g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys. | OpenSSL vulnerabilities
| misc_openssl | |
| CVE | The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header. | MacOSX vulnerabilities
| misc_macosx_version | |
| CVE | Cross-site scripting (XSS) vulnerability in www.cronistalascolonias.com.ar in WordPress and earlier, and possibly x through x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a www.cronistalascolonias.com.ar action to wp-admin/www.cronistalascolonias.com.ar | WordPress vulnerabilities
| web_prog_php_wordpress | |
| CVE | Directory traversal vulnerability in www.cronistalascolonias.com.ar in WordPress and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a www.cronistalascolonias.com.ar action to wp-admin/www.cronistalascolonias.com.ar NOTE: this might be the same as CVE | WordPress vulnerabilities
| web_prog_php_wordpress | |
| CVE | Cross-site scripting (XSS) vulnerability in admin/www.cronistalascolonias.com.ar in Merak IceWarp Mail Server allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | IceWarp vulnerabilities
| mail_web_icewarp | |
| CVE | Directory traversal vulnerability in the www.cronistalascolonias.com.arnchCtl.1 (aka CWebLaunchCtl) ActiveX control in www.cronistalascolonias.com.ar in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | Gateway Web Launch vulnerabilities
| misc_weblaunchax | |
| CVE | Buffer overflow in JustSystems www.cronistalascolonias.com.ar, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. | Ichitaro vulnerabilities
| misc_ichitaro_ver | |
| CVE | Multiple buffer overflows in yaSSL and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in www.cronistalascolonias.com.ar or (2) "input_buffer& operator>>" in yassl_www.cronistalascolonias.com.ar | MySQL vulnerabilities
MacOSX vulnerabilities
| database_mysql_ssl
misc_macosx_version | |
| CVE | yaSSL and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in www.cronistalascolonias.com.ar | MySQL vulnerabilities
MacOSX vulnerabilities
| database_mysql_ssl
misc_macosx_version | |
| CVE | Buffer overflow in Apple Quicktime Player and other versions before , when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a error message. | QuickTime vulnerabilities
| misc_quicktime | |
| CVE | An ActiveX control for Microsoft Visual FoxPro (www.cronistalascolonias.com.ar ) allows remote attackers to execute arbitrary commands by invoking the DoCmd method. | Visual Studio vulnerabilities
| misc_vfoxproax | |
| CVE | The Microsoft Rich Textbox ActiveX Control (RICHTXOCX) allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method. | Visual Studio vulnerabilities
| misc_rtcax | |
| CVE | SAP MaxDB build and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes www.cronistalascolonias.com.ar | SAP Database vulnerabilities
| database_sap_maxdbcons | |
| CVE | Heap-based buffer overflow in the Express Backup Server service (www.cronistalascolonias.com.ar) in IBM Tivoli Storage Manager (TSM) Express before allows remote attackers to execute arbitrary code via a packet with a large length value. | Tivoli Storage Manager
| misc_tivoliexp | |
| CVE | Unrestricted file upload vulnerability in PhotoPost vBGallery before allows remote attackers to upload and execute arbitrary files via unknown vectors. | PhotoPost vBGallery vulnerabilities
| web_prog_php_photopostvbgallery | |
| CVE | Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal x before and 5.x before allows remote attackers to delete items from a feed as privileged users. | Drupal vulnerabilities
| web_cms_drupal | |
| CVE | Interpretation conflict in Drupal x before and 5.x before , when Internet Explorer 6 is used, allows remote attackers to conduct cross-site scripting (XSS) attacks via invalid UTF-8 byte sequences, which are not processed as UTF-8 by Drupal's HTML filtering, but are processed as UTF-8 by Internet Explorer, effectively removing characters from the document and defeating the HTML protection mechanism. | Drupal vulnerabilities
| web_cms_drupal | |
| CVE | Cross-site scripting (XSS) vulnerability in Drupal x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme www.cronistalascolonias.com.ar files. | Drupal vulnerabilities
| web_cms_drupal | |
| CVE | PHP remote file inclusion vulnerability in view_www.cronistalascolonias.com.ar in Member Area System (MAS) and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the i parameter. NOTE: a second vector might exist via the l parameter. NOTE: as of , the vendor has disputed the set of affected versions, stating that the issue "is already fixed, for almost a year." | PHP injection
| web_prog_php_masviewfunc | |
| CVE | Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data. | VLC vulnerabilities
| misc_vlc | |
| CVE | Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string. | VLC vulnerabilities
| misc_vlc | |
| CVE | Heap-based buffer overflow in Mozilla Thunderbird before and SeaMonkey before might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | Mozilla Thunderbird vulnerabilities
Mozilla vulnerabilities
| mail_client_thunderbird
web_client_seamonkey | |
| CVE | sdbstarter in SAP MaxDB , and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings. | SAP Database vulnerabilities
| database_sap_maxdbver | |
| CVE | Integer signedness error in vserver in SAP MaxDB , and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption. | SAP Database vulnerabilities
| database_sap_maxdbver | |
| CVE | Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine and other versions before , allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (/tcp). | Symantec vulnerabilities
| misc_av_symantec_antivirusscanenginever
misc_av_symantec_scanenginever
misc_av_symantec_symscanver | |
| CVE | Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine and other versions before , allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (/tcp). | Symantec vulnerabilities
| misc_av_symantec_antivirusscanenginever
misc_av_symantec_scanenginever | |
| CVE | Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) in Borland CaliberRM allows remote attackers to execute arbitrary code via a large HTTP request. | Borland StarTeam vulnerabilities
| web_tool_starteam_multihttpbo | |
| CVE | Stack-based buffer overflow in the AutoFix Support Tool ActiveX control in www.cronistalascolonias.com.ar in multiple Symantec Norton products, including Norton , AntiVirus through , Internet Security through , and System Works through , allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information. | Symantec vulnerabilities
| misc_av_symantec_autofixax | |
| CVE | The www.cronistalascolonias.com.arProcess method in the www.cronistalascolonias.com.arDataInfo.1 ActiveX control in www.cronistalascolonias.com.ar in multiple Symantec Norton products including Norton , AntiVirus through , Internet Security through , and System Works through , does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share. | Symantec vulnerabilities
| misc_av_symantec_autofixax | |
| CVE | Heap-based buffer overflow in spin.c in libclamav in ClamAV allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value. | ClamAV vulnerabilities
| misc_av_clam | |
| CVE | Integer overflow in the cli_scanpe function in libclamav in ClamAV before , as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. | ClamAV vulnerabilities
MacOSX vulnerabilities
| misc_av_clam
misc_av_clamwinupx
misc_macosx_version | |
| CVE | Heap-based buffer overflow in the OLE importer in www.cronistalascolonias.com.ar before allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream. | OpenOffice vulnerabilities
| misc_openoffice | |
| CVE | Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI. | http server read access
| web_server_read | |
| CVE | Unspecified vulnerability in the XML DB component in Oracle Database , DV, , and has unknown impact and remote attack vectors, aka DB | Oracle Database vulnerabilities
| database_oracle_version | |
| CVE | Multiple unspecified vulnerabilities in Oracle Database FIPS+, , DV, , and have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). | Oracle Database vulnerabilities
| database_oracle_version | |
| CVE |
-
-