|
45029
|
Blogs: 20
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Comments: 0, Blogs: 20, References: 16
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
| | | | | | |
|
OpenSSL on Debian/Ubuntu Linux Predictable Random Number Generator (RNG) Cryptographic Key Generation Weakness
|
|
43980
|
Blogs: 14
Description:
A buffer overflow exists in Safari. The WebKit component fails to validate JavaScript regular expressions resulting in a heap overflow. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
Comments: 0, Blogs: 14, References: 15
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
- Remote/Network Access Required
- Local Access Required
| | | | - Exploit Rumored / Private
| | - Context Dependent
- Web Related
|
|
Apple Safari WebKit (JavaScriptCore/pcre/pcre_compile.cpp) PCRE Nested Repetition Count Overflow
|
|
44623
|
Blogs: 13
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Comments: 0, Blogs: 13, References: 6
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
- Remote/Network Access Required
| | | | | | |
|
WordPress Unspecified XSS
|
|
45031
|
Blogs: 13
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Comments: 0, Blogs: 13, References: 7
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
| | | | | | |
|
Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution
|
|
44880
|
Blogs: 13
Description:
(Description Provided by CVE) : Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file. NOTE: this might be the same issue as CVE-2005-0944.
Comments: 0, Blogs: 13, References: 12
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
| | | | | | |
|
Microsoft Windows msjet40.dll MDB File Handling Overflow
|
|
43870
|
Blogs: 11
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
Comments: 0, Blogs: 13, References: 50
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
| | | | | | |
|
Mozilla Multiple Products JSOP_NEG js_NewNumberValue SAVE_SP_AND_PC Unspecified DoS
|
|
44205
|
Blogs: 11
Description:
A memory corruption flaw exists in Internet Explorer. The program fails to validate data streams resulting in a use-after-free condition. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
Comments: 0, Blogs: 15, References: 8
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
- Remote/Network Access Required
- Local Access Required
| | | | | - Vendor Verified
- Coordinated Disclosure
| |
|
Microsoft IE Data Stream Handling Memory Corruption
|
|
44213
|
Blogs: 11
Description:
A heap overflow overflow exists in Windows. gdi32.dll fails to validate EMF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
Comments: 0, Blogs: 36, References: 15
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
- Remote/Network Access Required
- Local Access Required
| | | | | | |
|
Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows
|
|
44652
|
Blogs: 9
Description:
(Description Provided by CVE) : Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.
Comments: 0, Blogs: 9, References: 5
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
- Remote/Network Access Required
| | | | | | |
|
Microsoft HeartbeatCtl HRTBEAT.OCX ActiveX Unspecified Method Host Argument Overflow
|
|
44364
|
Blogs: 8
Description:
(Description Provided by CVE) : libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
Comments: 0, Blogs: 8, References: 24
Vulnerability Classification
| Location | Attack Type | Impact | Solution | Exploit | Disclosure | OSVDB |
|---|
| | | | | | |
|
libpng Zero-length Unknown Chunk Processing Uninitialized Memory Access
|