The specific flaw exists because Avaya IP Office Customer Call Reporter allows to upload files to the webserver through ImageUpload.ashx. The uploaded files will not be stripped of their file extensions and the directory where they are saved has no scripting restrictions.
The vulnerability is caused due to a boundary error in VisiWave Site Survey Report when handling report files. This can be exploited to cause a stack based buffer overflow via a specially crafted .VWR file.
This module bypass DEP using ROP techniques.
This update adds CVE information.
This module bypass DEP using ROP techniques.
This update adds CVE information.
A security vulnerability was found in the VMware vSphere Hypervisor (ESXi)
subsystem, allowing an unauthenticated remote DoS. The vulnerability could
allow denial of service if a specially crafted request is sent to the
vSphere API by an unauthenticated user.
subsystem, allowing an unauthenticated remote DoS. The vulnerability could
allow denial of service if a specially crafted request is sent to the
vSphere API by an unauthenticated user.
This module allows remote attackers to place arbitrary files on a temporary folder in Novel ZENWorks AdminStudio, through a vulnerability in LaunchHelp.dll ActiveX Control (LaunchHelp.dll version 9.5.0.0). Code execution is achieved by uploading and executing a vbs script which then requests and executes Impact's binary agent.
A Format string vulnerability in the nsrd RPC service within EMC NetWorker? allows remote attackers to execute arbitrary code via format string specifiers in a crafted message.
This update adds Linux Support.
This update adds Linux Support.
Buffer Overflow when handling an attribute of style elements can be exploited when Quick Player handles a specially crafted TeXML file.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
Buffer Overflow when handling an attribute of "text3GTrack" elements can be exploited when Quick Player handles a specially crafted TeXML file.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This module exploits a buffer overflow vulnerability in the Aladdin Knowledge System Ltd PrivAgent.ocx ActiveX Control. The exploit is triggered when the ChooseFilePath() method processes a long string argument resulting in a stack-based buffer overflow.
This module exploits a vulnerability in the ntractivex118.dll module included in the NTRglobal NTR Activex Control application. The exploit is triggered when the StopModule() method processes a crafted argument resulting in a buffer overflow.
A buffer Overflow exists within the dpwinsdr.exe process which listens on TCP port 3817 by default. The process has insufficient bounds checking on user-supplied data copied to a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed opcode 0x330 message packets to the target.