Google's public data explorer suffered from an XML external entity injection vulnerability.
f1f93b1a77eeff328b95a62faf8d24425b8847dd2d7576805d6e28322cdc50d6
A privilege escalation vulnerability was discovered in gostorego.com that allowed a remote, unauthenticated attacker the ability to create an administrative user.
fd4a8bf76717b3109d12eccb9649183d623437e3a934794546f17e7fd08872d2
This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.
4051126d4a1554f5aa1a371e3823fe1746489da90272c4a0bd3f21fffb9a0ce0
Sitecore's special way of display XML controls allows for a cross site scripting attack.
332c44062becbe780354571679bbca0e59d1468bef6e56ac13e0ebfa8d53931a
The SAP DB suffers from a web server stack overflow.
0749c32ef0d9c060f3d5e24c3f8a13e4ffa2c55ae533dcc7bbbf4b19e62ae074
The SAP Internet Communication Manager suffers from a denial of service vulnerability.
3854d1251268dac04e302b6d8b502a6a84ac55220bf172bc4ddff70550560b3b
The SAP Message Server suffers from a heap overflow vulnerability.
f0067ae9b255a470a410cce57416f08c6a0878c3437509ae1415b1141910ec3c
The SAP Internet Graphics Server suffers from a cross site scripting vulnerability and a heap overflow vulnerability.
765df3e3026044a65328944f7a4494ae170aee42c1789d8a3707eb8de4989b7f
EnjoySAP, the SAP GUI for Windows, suffers from a stack overflow vulnerability.
64f5aa6fc4f12c13f5c5d24b6cdf2e92f8451f609f253bb3d31c002dfc2f0b5a
EnjoySAP, the SAP GUI for Windows, suffers from a heap overflow vulnerability.
142ff655dae0e4a77bdd173861a8fb4488b208319a8efec9fcfa5526c6ac2e33
Symantec Security Advisory SYM07-002 - Vulnerabilities were identified in third-party trouble-shooting ActiveX controls, developed by SupportSoft, www.supportsoft.com. Two of these controls were signed, shipped and installed with the identified versions of Symantec's consumer products and as part of the Symantec Automated Support Assistant support tool. The vulnerability identified in the Symantec shipped controls could potentially result in a stack overflow requiring user interaction to exploit. If successfully exploited this vulnerability could potentially compromise a user's system possibly allowing execution of arbitrary code or unauthorized access to system assets with the permissions of the user's browser.
6d8c791e06133fa8ef47db22bc1c4eced26f2df9a68bb88f0f840ec2843249d6
Oracle 10g R2 Enterprise Manager suffers from a classic directory traversal flaw. Details provided.
7b239d813c0b71f35706e82ceb10a5685fed697cf244b62a9ea0ed16b798e32f
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.
5e363b53e6622717f68088020395485bc3abf558e7989dfb9923e72982cf384e
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote denial of service vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause the process to terminate.
b2beae78b9dc5bc4bf16421bd8c3f8c7bbb339c861377bc711310256b5da4cd2
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote c ode execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 1900, it is possible to cause a stack overflow that allows arbitrary code execution as Local System.
93b42c48737208bb1775e556207027438baca25f161de47442e043e659a7b1e6
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote code execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to execute arbitrary code as SYSTEM on a Windows Platform.
474a498ff00370f5a46dd87ae7f9feeac3510fc1c6ca6e8ff022be0dc35ff0c6
NGSSoftware Insight Security Research Advisory - Sybase ASE versions prior to 12.5.3 ESD#1 suffer from multiple buffer overflows and denial of service vulnerabilities.
8057a9b0c4794a5ecce8eb94c3a4e21b6ee749420f1666aa849c032a94346f39
Various versions of Realplayer are susceptible to a heap overflow vulnerability in the .WAV file format when being opened. Under Windows, the following versions are affected: RealPlayer 10.5 (6.0.12.1056 and below), RealPlayer 10, RealOne Player V2, RealOne Player V1, RealPlayer 8, RealPlayer Enterprise. Under Linux, the following versions are affected: RealPlayer 10 (10.0.0.2 and below), Helix Player.
359c580e54c96a6991290df4135edc4fda022168df80da8721508a4c75bfe410
NGSSoftware Insight Security Research Advisory - Multiple vulnerabilities have been discovered in the AtHoc toolbar which can allow remote code execution through Internet Explorer when browsing to a specially crafted webpage.
47bfb3702c540e74e290ac45de0ac6236c9dac1d8ea51d84b10c5a95b4edf519
NGSSoftware Insight Security Research Advisory #NISR2122004J - IBM's DB2 database server contains a function, rec2xml, used to format a string in XML. This function suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.
b8613611d22ef6e27ef52155f6315c5d527c17d33199e9824cdca2fd21abca6f
NGSSoftware Insight Security Research Advisory #NISR17042004 - By crafting malformed .R3T file it is possible to cause a stack based overruns in RealPlayer / RealOne Player. By forcing a browser to a website containing such a file, code could be executed on the target machine running in the context of the logged on user, alternatively the end user would be required to open the .R3T file as a mail attachment. Systems Affected: RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, stand-alone and as configured by the RealPlayer Enterprise Manager).
6d743136e2278e3913a2b15ed69ed2788f1f4b991aaed8aef0dce1951f4208cf
NGSSoftware Insight Security Research Advisory #NISR19042004b - Symantec's Norton Internet Security 2004 Professional makes use of an ActiveX component that is marked safe for scripting, particularly WrapUM.dll. Using the LaunchURL method an attacker has the ability to force the browser to run arbitrary executables on the target.
11d31d97538a7637add15397dc05b7907d588a0e9216c80ae9fa4a9502a8ba11
NGSSoftware Insight Security Research Advisory #NISR19042004a - Installed with Symantec's Norton AntiSpam 2004 product is an ActiveX component that is marked safe for scripting, particularly symspam.dll. However, when the method LaunchCustomRuleWizard is called with an overly long parameter, an attacker can cause a stack based overflow allowing for arbitrary code execution.
b73892705e2a76c1e0de0b2b6bf520d003b24ba8a85ea693d80dca4775212c39
NGSSoftware Insight Security Research Advisory #NISR04022004a - By crafting malformed .RP, .RT, .RAM, .RPM or .SMIL file, it is possible to cause heap and stack based overruns in RealPlayer / RealOne Player.
08c196447e2192d2c612710832b2422a990dbc5bd70ac8d47941a572f399a72a
Sybase Adaptive Server Anywhere v9.0.0, the relational database at the core of SQL Anywhere Studio 8 contains over 50 vulnerabilities including format string overflows, buffer overflows, and denial of service conditions. Fix available here.
85b020d178f9754cbb630b420899e0a35ec15ff5fd3c3ba755e03d19390d2f14