A denial of service vulnerability exists in Remote Desktop Services -formerly known as Terminal Services- when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
Citrix Application Delivery Controller (ADC) and Citrix Gateway are prone to a directory traversal vulnerability that allows attackers to upload an XML file via newbm.pl and execute system commands.
File Sharing Wizard is prone to a buffer-overflow when handling a specially crafted HTTP POST parameter.
A Denial of Service exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
This update corrects wrong category specification.
This update corrects wrong category specification.
Apache Solr is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.
By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file.
By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file.
Unauthenticated remote command injection vulnerability in Indusoft Web Studio 8.1 SP2. The vulnerability is exercised via the custom remote agent protocol that is typically found on port 1234 or 51234. An attacker can issue a specially crafted command 66 which causes IWS to load a DB connection file off of a network share using SMB. The DB file can contain OS commands that will be executed at the privilege level used by IWS.
This update adds support for Windows 7 SP1 x64.
The Solarwinds Dameware Mini Remote Client agent supports smart card authentication by default which allows a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable.
The flaw exists in the GetUserPasswd function in BwPAlarm.dll due to improper validation of user-supplied data before copying the data to a fixed size stack-based buffer when processing an IOCTL 70603 RPC message.
This update improves the processing of Client Side email templates.