IBM Lotus iNotes ActiveX control dwa85W.dll is vulnerable to a buffer overflow via a long argument to the Attachment_Times method.
The vulnerability is caused due to a boundary error within the handling of HTTP request.
A buffer overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a long argument to the Attachment_Times method.
Test a web page's parameters trying to detect potential SQL Injection vulnerabilities.
The module can be configured to look for vulnerabilities in GET & POST parameters and cookies.
This update adds an additional trigger to the FAST set of SQL injection triggers for the SQL Injection analyzer to use.
The module can be configured to look for vulnerabilities in GET & POST parameters and cookies.
This update adds an additional trigger to the FAST set of SQL injection triggers for the SQL Injection analyzer to use.
The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application.
This update adds support for Internet Explorer 6 and 8 and bypass DEP.
Also allows to send the mov file by email to open it directly with QuickTimePlayer.
This update adds support for Internet Explorer 6 and 8 and bypass DEP.
Also allows to send the mov file by email to open it directly with QuickTimePlayer.
The vulnerability is caused due to a boundary error within Simple Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
A stack buffer overflow exist in FlexNet License Server Manager due to the insecure usage of memcpy in the lmgrd service when handling crafted network packets.
The spywall/blocked_file.php script of Symantec Web Gateway allows remote unauthenticated users to upload files with arbitrary extensions. This can be abused by attackers to execute arbitrary PHP code on vulnerable systems.
This module exploits a remote format string vulnerability in FireFly Media Server by sending a sequence of HTTP requests to the 3689/TCP port.
The vulnerability is caused by scripts using "unserialize()" with user controlled input. This can be exploited to execute arbitrary PHP code via the "__destruct()" method of the "SugarTheme" class or passing an ad-hoc serialized object through the $_REQUEST['current_query_by_page'] input variable.