| Views | OSVDB ID | Disclosure Date | Title |
|---|---|---|---|
| Blogs: 11 | 50610. Description: A buffer overflow exists in Internet Explorer. IE fails to validate HTML tags resulting in a stack overflow. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution or denial of service resulting in a loss of integrity, and/or availability. | 2008-12-09 | Microsoft IE EMBED Tag File Name Extension Overflow |
| Blogs: 11 | 50585. Description: SharePoint and Search Server contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a remote attacker is able to bypass authentication for some administrative pages. This flaw may lead to a loss of integrity. | 2008-12-09 | Microsoft Office SharePoint Server Administrative URL Security Bypass |
| Blogs: 11 | 54130. Description: A memory corruption flaw exists in Adobe and Acrobat Reader. The getAnnots() JavaScript method fails to validate input read from a malformed PDF file resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. | 2009-04-28 | Adobe Reader getAnnots() JavaScript Method PDF Handling Memory Corruption |
| Blogs: 11 | 42709. Description: An unspecified memory corruption flaw exists in Office. With a specially crafted Office file, an attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-03-11 | Microsoft Office Unspecified Malformed Document Handling Memory Corruption |
| Blogs: 11 | 52864. Description: (Description Provided by CVE): The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. | 2009-03-25 | OpenSSL ASN1_STRING_print_ex() Function BMPString / UniversalString Handling DoS |
| Blogs: 11 | 55843. Description: (Description Provided by CVE): Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow Vulnerability." | 2009-07-14 | Microsoft Windows Embedded OpenType (EOT) Font Name Tables Parsing Overflow |
| Blogs: 11 | 63739. Description: (Description Provided by CVE): The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." | 2010-04-13 | Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote Information Disclosure |
| Blogs: 11 | 46786. Description: Multiple Cisco products contain a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity. | 2008-07-09 | Cisco Multiple Products DNS Query ID Field Prediction Cache Poisoning |
| Blogs: 11 | 49060. Description: A buffer overflow exists in Windows. The Message Queuing Service fails to validate RPC calls resulting in a heap buffer overflow. With a specially crafted RPC call, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-10-14 | Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution |
| Blogs: 11 | 67849. Description: Acrobat and Reader are prone to an overflow condition. The application fails to properly sanitize the "uniqueName" field within the SING table structure of TrueType fonts resulting in a stack buffer overflow. With a specially crafted file, a context-dependent attacker can potentially cause arbitrary code execution. | 2010-09-07 | Adobe Reader / Acrobat CoolType.dll SING (Smart INdependent Glyphlets) Font uniqueName Field Parsing Overflow |
| Blogs: 11 | 42723. Description: A code execution flaw exists in Excel. The Import function fails to validate SLK files resulting in code execution via an unspecified vector. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-03-11 | Microsoft Excel SLK File Import Unspecified Arbitrary Code Execution |
| Blogs: 11 | 49995. Description: (Description Provided by CVE): Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document. | 2008-11-12 | Mozilla Multiple Products EX4 Document Handling Remote XML Injection |
| Blogs: 10 | 71014. Description: Microsoft Windows is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a Remote Desktop configuration (.rdp) file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. | 2011-03-08 | Microsoft Windows Remote Desktop Client Path Subversion Arbitrary DLL Injection Code Execution |
| Blogs: 10 | 45032. Description: (Description Provided by CVE): Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption. | 2008-05-13 | Microsoft Word Document Malformed CSS Handling Memory Corruption Arbitrary Code Execution |
| Blogs: 10 | 53665. Description: (Description Provided by CVE): Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability." | 2009-04-14 | Microsoft Office Excel Malformed Object Handling Memory Corruption |
| Blogs: 10 | 44210. Description: An unspecified code execution flaw exists in Windows. Jscript.dll fails to validate scripts provided by web pages resulting in code execution. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-04-09 | Microsoft Jscript.dll JScript Arbitrary Code Execution |
| Blogs: 10 | 52988. Description: (Description Provided by CVE): icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | 2009-03-19 | International Color Consortium (ICC) Format library (icclib) icc.c Crafted Image File Handling DoS |
| Blogs: 10 | 35575. Description: QuickTime contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by QuickTime for Java, which will allow a maliciously crafted applet to access web browser memory and disclose sensitive information resulting in a loss of confidentiality. | 2007-05-29 | Apple QuickTime Java Extension Unspecified Memory Disclosure |
| Blogs: 10 | 44211. Description: A code execution flaw exists in Windows. Vbscript.dll fails to validate scripts provided by web pages resulting in unauthorized code execution. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-04-09 | Microsoft Vbscript.dll VBScript Decoding Code Execution |
| Blogs: 10 | 66993. Description: Microsoft .NET Framework and Silverlight contain a flaw related to the Common Language Runtime failing to properly handle virtual method delegations and interfaces. This may allow a context-dependent attacker to use a crafted ASP.NET application, XAML browser application or .NET Framework application to execute arbitrary code. | 2010-08-10 | Microsoft .NET Framework / Silverlight CLR Virtual Delegate Handling Remote Code Execution |
| Blogs: 10 | 68024. Description: Adobe Flash Player contains a flaw that may allow an attacker to run arbitrary code. The issue is triggered when a specially crafted .SWF file is viewed using a standalone player or within a Flash browser plugin. | 2010-09-13 | Adobe Flash Player Unspecified Code Execution |
| Blogs: 10 | 41220. Description: Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." | 2008-02-08 | Mozilla Multiple Products xpconnect Multiple Function javascript: URI Handling Cross-frame Privilege Escalation |
| Blogs: 10 | 42710. Description: (Description Provided by CVE): Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and SP3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. | 2008-03-11 | Microsoft Outlook mailto: URI Handling Arbitrary Command Execution |
| Blogs: 10 | 53664. Description: (Description Provided by CVE): Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability." | 2009-04-14 | Microsoft WordPad Word 97 Text Converter File Handling Overflow |
| Blogs: 10 | 63745. Description: (Description Provided by CVE): The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability." | 2010-04-13 | Microsoft Windows Authenticode WinVerifyTrust Signature Manipulation Validation Bypass |
| Blogs: 10 | 42711. Description: (Description Provided by CVE): Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability." | 2008-03-11 | Microsoft Office Web Components URL Parsing Arbitrary Code Execution |
| Blogs: 10 | 49059. Description: (Description Provided by CVE): Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability." | 2008-10-14 | Microsoft IIS IPP Service Unspecified Remote Overflow |
| Blogs: 10 | 56777. Description: (Description Provided by CVE): Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer. | 2009-07-30 | Adobe Multiple Products AVM2 intf_count Integer Overflow |
| Blogs: 10 | 41460. Description: (Description Provided by CVE): Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | 2008-02-12 | Microsoft WebDAV Mini-Redirector Response Handling Arbitrary Code Execution |
| Blogs: 10 | 64529. Description: (Description Provided by CVE): VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability." | 2010-05-11 | Microsoft Visual Basic for Applications VBE6.dll Single-Byte Stack Overwrite |
| Blogs: 10 | 53383. Description: (Description Provided by CVE): The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. | 2009-04-07 | MIT Kerberos 5 (krb5) ASN.1 Decoder asn1_decode_generaltime() Function Remote Code Execution |
| Blogs: 10 | 44206. Description: Microsoft Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. This flaw may lead to a loss of integrity. | 2008-04-08 | Microsoft Windows Kernel Unspecified Privilege Escalation |
| Blogs: 10 | 56916. Description: Office Web Components is prone to an overflow condition. The ActiveX control fails to properly sanitize user-supplied input via the HTMLURL parameter resulting in a buffer overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution. | 2009-08-11 | Microsoft Office Web Components HTMLURL Parameter ActiveX Spreadsheet Object Handling Overflow |
| Blogs: 9 | 42724. Description: (Description Provided by CVE): Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. | 2008-03-11 | Microsoft Excel Style Record Handling Memory Corruption |
| Blogs: 9 | 44212. Description: An unspecified memory corruption flaw exists in Project. With a specially crafted Project file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. | 2008-04-08 | Microsoft Project File Handling Unspecified Arbitrary Code Execution |
| Blogs: 9 | 44652. Description: (Description Provided by CVE): Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method. | 2007-12-11 | Microsoft HeartbeatCtl HRTBEAT.OCX ActiveX Unspecified Method Host Argument Overflow |
| Blogs: 9 | 40262. Description: Apache HTTP Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because with mod_status enabled, the application does not validate the refresh parameter on the server-status page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. | 2008-01-10 | Apache HTTP Server mod_status refresh XSS |
| Blogs: 9 | 62257. Description: Windows is prone to an overflow condition. DirectShow fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted AVI file, a context-dependent attacker can potentially cause arbitrary code execution. | 2010-02-09 | Microsoft Windows DirectShow AVI File Decompression Overflow |
| Blogs: 9 | 72723. Description: Adobe Flash Player contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate an unspecified parameter upon submission to an unspecified script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. | 2011-06-06 | Adobe Flash Player Unspecified XSS |
| Blogs: 9 | 65222. Description: Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a MJPEG video file containing crafted compression data. No further details have been provided. | 2010-06-08 | Microsoft Windows MJPEG Media Decompression Unspecified Remote Code Execution |