The Oracle Database Server provides the DBMS_REPCAT_UNTRUSTED package that can be used to administer a replicated environment. This package contains the procedure UNREGISTER_SNAPSHOT which is vulnerable to buffer overflow attacks.
a392fdb02aae2a3ce368ffd2dc987213ab8b22238449f0692db6ce0aa9ca1ba8The Oracle Database Server provides the MDSYS.MD package that is used in the Oracle Spatial component. These packages contain many public procedures that are vulnerable to buffer overflow and denial of service attacks.
61e73af128a5adcf9fa0b5295b8716fca90befba1286b6fa42341d2a70ec58b8The Oracle Database Server provides the DBMS_LOGMNR package that contains procedures used to initialize the LogMiner tool. This package contains the procedure ADD_LOGFILE which is vulnerable to buffer overflow attacks.
94c3b5b7a2b9a89fd3b80c6f253c713c91bb7c62b8c29d45d798dae9fb409f0bThe Oracle Database Server provides the DBMS_DRS package that includes procedures used in Oracle Data Guard. This package contains the function GET_PROPERTY which is vulnerable to buffer overflow attacks.
338ef26acb4cd543f77b5f823a224c7aa43741f80ad756df9f64c043b8b61066The Telligent Community Server versions 2.1 and below suffer from a remote denial of service condition.
30756b0ff294be7893973f5180bd331f38fea4cfb494c0b915bd65b133f4e937WordPress suffers from a resource consumption issue.
8d8ca3188d446157a931ac44281f6d0146fe368d015478fb80cc7d01e81a4397The pingback specification suffers from a weakness.
71050c341fe917226455b3eae8c60ce77efbae50ade987a188bcf110e53e0c17HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
fb34fe32681e54ea1b2ae027c31fa571dc9e387af2e91bbce978f3e237b581d4A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of Citrix Presentation Server, Metaframe Presentation Server or MetaFrame XP. Authentication is not required to exploit this vulnerability.
afd56ece701613819d3036a1647a06eefabdb65ef4e246ca3dd11d993a844138Gentoo Linux Security Advisory GLSA 200701-21 - The Kerberos administration daemon, and possibly other applications using the GSS-API or RPC libraries, could potentially call a function pointer in a freed heap buffer, or attempt to free an uninitialized pointer. Versions less than 1.5.2 are affected.
42956f68c8513aed3de4b757be6e8b27b40c9a7e9b8c4d57360cb4d883a4bf53Cisco Security Advisory - Cisco routers and switches running Cisco IOS\256 or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service (DoS) attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet containing a specific crafted IP option in the packet's IP header. No other IP protocols are affected by this issue.
ce57524847e83d7482bc8e420b9dbb9e787fa20de112c186a3841b558a674089Cisco Security Advisory - Processing a specially crafted IPv6 Type 0 Routing header can crash a device running Cisco IOS software. This vulnerability does not affect IPv6 Type 2 Routing header which is used in mobile IPv6. IPv6 is not enabled by default in Cisco IOS.
696980d0085a820ddb8b1c1413f1abf3258d882ba19edba8b76a1042e118b3bbCisco Security Advisory - The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service condition. This vulnerability only applies to traffic destined to the Cisco IOS device. Traffic transiting the Cisco IOS device will not trigger this vulnerability.
ab4319057c969bd970a1b91975c755186666cbba2631863f0d27222d5be9eff7CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.
6e6e8672248a7e1c4d803e9bf66b4054b05795508a899203c5e4ade01aafd269Secunia Research has discovered a vulnerability in Sienzo Digital Music Mentor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
4a145b830ea50bf86d15f10c5b8c02dcd4cd063d843372d236584a2c2c9882ccSecunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll) when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
361d252a18d1dfb801d29ee39ce252a8f63bbafaf403df2a5e0c96f7d912e12fSUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore.
6b2bdc550586e6a5f63c1230ceb748d9bd167167f804ebd60469a4d9b58e1adcWebsite Baker version 2.6.5 suffers from a SQL injection flaw.
bccba3281ef63a3c7c7d939ddecd7070e841c63eae45a7416420722bcdf47fa2Secunia Security Advisory - Secunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system.
a5b9d50edc28b580acef93165a66744916fe7a6f31a5f6c406b3e64f1bbc8f66Secunia Security Advisory - Secunia Research has discovered a vulnerability in Aurora Media Workshop, which can be exploited by malicious people to compromise a user's system.
efd98193c67c7156670f5f854731c07ca7e09096900de77d9723d746dd7e0457Secunia Security Advisory - Secunia Research has discovered a vulnerability in various J. Hepple products, which can be exploited by malicious people to compromise a user's system.
9608ed455b8fa650216146792772624dcaa9db25d1dffba59cf60fea601bb128Secunia Security Advisory - Secunia Research has discovered a vulnerability in iMesh, which can be exploited by malicious people to compromise a user's system.
547af6e111ea97d136ca0c0e7f8e22a9f6dd2c0a459d6cc83284e6efb8478cd4Secunia Security Advisory - Secunia Research has discovered a vulnerability in two Quikscribe products, which can be exploited by malicious people to compromise a user's system.
177c00842c4e8b791e78c5687bbbc76ea2fe5ba9da619f51f6eb4bccb6b28799Secunia Security Advisory - Secunia Research has discovered a vulnerability in various R.M. de Boer Software products, which can be exploited by malicious people to compromise a user's system.
7f104246042fabe9b701c5a83f1068c2f4d022db7e0a292b9c15c39607bc3b6dSecunia Security Advisory - Secunia Research has discovered a vulnerability in CDBurnerXP Pro, which can be exploited by malicious people to compromise a user's system.
4e297601def34d17be01e77bf231b65440b5d328be64de82455f6e7637e54885
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed