| Views | OSVDB ID | Disclosure Date | Title |
| Blogs: 267 |
49243
Description:
Microsoft Windows Server Service contains a flaw that may allow a malicious user to remotely execute arbitrary code. The issue is triggered when a crafted RPC request is handled. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.
|
2008-10-23
|
Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution
|
| Blogs: 102 |
50622
Description:
A use-after-free flaw exists in Internet Explorer. The data binding function fails to update the array length after releasing an object resulting in access to the deleted object's memory space. With a specially crafted web page, a context dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-12-11
|
Microsoft IE mshtml.dll XSML Nested SPAN Element Handling Unspecified Arbitrary Code Execution
|
| Blogs: 94 |
46777
Description:
Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
|
2008-07-08
|
Microsoft Windows DNS Socket Entropy Weakness Cache Poisoning
|
| Blogs: 67 |
61854
Description:
(Description Provided by CVE) : The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."
|
2010-01-19
|
Microsoft Windows Virtual DOS Machine (VDM) Subsystem #GP Trap Handler (nt!KiTrap0D) Local Privilege Escalation
|
| Blogs: 60 |
51840
Description:
A memory corruption flaw exists in Internet Explorer. The program fails to validate CSS styles resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-02-10
|
Microsoft IE XHTML Strict Mode CSS Handling Memory Corruption Arbitrary Code Execution
|
| Blogs: 60 |
46778
Description:
Microsoft Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
|
2008-07-08
|
Microsoft Windows DNS Query ID Field Prediction Cache Poisoning
|
| Blogs: 55 |
46061
Description:
A code execution flaw exists in Windows. The Bluetooth stack fails to validate Service Delivery Protocol (SDP) packets resulting in potential code execution. With a large number of specially crafted SDP packets, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-06-10
|
Microsoft Windows Bluetooth SDP Packet Processing Remote Code Execution
|
| Blogs: 44 |
42732
Description:
Excel contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel fails to validate specially-crafted macros. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2008-03-12
|
Microsoft Excel Macro Validation Unspecified Code Execution
|
| Blogs: 44 |
40070
Description:
A buffer overflow exists in Windows. The TCP/IP implementation fails to validate IGMPv3 and MLDv2 packets resulting in a buffer overflow. With a specially crafted packet, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-01-08
|
Microsoft Windows TCP/IP IGMPv3 / MLDv2 Packet Handling Remote Code Execution
|
| Blogs: 42 |
52522
Description:
An unspecified remote code execution flaw exists in Windows. The GDI kernel interface fails to validate WMF and EMF graphics files resulting in arbitrary code execution. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-03-10
|
Microsoft Windows GDI Kernel Component Unspecified Remote Code Execution
|
| Blogs: 41 |
46776
Description:
BIND contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
|
2008-07-08
|
ISC BIND DNS Query ID Field Prediction Cache Poisoning
|
| Blogs: 41 |
49736
Description:
Windows contains a flaw that may allow a malicious remote user to execute arbitrary code. The issue is triggered by a flaw that allows an attacker to replay the NTLM credentials of a client user. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2000-08-15
|
Microsoft Windows SMB NTLM Authentication Credential Replay Remote Code Execution
|
| Blogs: 38 |
44213
Description:
A heap overflow exists in Windows. gdi32.dll fails to validate EMF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-04-08
|
Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows
|
| Blogs: 37 |
45029
Description:
(Description Provided by CVE) : OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
|
2008-05-13
|
OpenSSL on Debian/Ubuntu Linux Predictable Random Number Generator (RNG) Cryptographic Key Generation Weakness
|
| Blogs: 37 |
61697
Description:
Internet Explorer contains a flaw that may allow a context-dependent attacker to execute arbitrary code. The issue is triggered when a specially crafted website causes mshtml.dll to access memory that has been freed, allowing code execution.
|
2010-01-15
|
Microsoft IE mshtml.dll Use-After-Free Arbitrary Code Execution (Aurora)
|
| Blogs: 35 |
51839
Description:
A memory corruption flaw exists in Internet Explorer. The program fails to validate web page content resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-02-10
|
Microsoft IE Document Object Handling Memory Corruption Arbitrary Code Execution
|
| Blogs: 33 |
40069
Description:
Windows contains a flaw that may allow a remote denial of service. The issue is triggered when handling fragmented router advertisement ICMP queries, and will result in loss of availability for the platform.
|
2008-01-08
|
Microsoft Windows TCP/IP ICMP RDP Packet Handling Remote DoS
|
| Blogs: 32 |
57799
Description:
Microsoft Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a malicious user sends a specially crafted NEGOTIATE PROTOCOL REQUEST SMBv2 packet with an & (ampersand) character in a Process ID High header field, causing an attempted dereference of an out-of-bounds memory location. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2009-09-08
|
Microsoft Windows srv2.sys Kernel Driver SMB2 Malformed NEGOTIATE PROTOCOL REQUEST Remote DoS
|
| Blogs: 31 |
39118
Description:
Internet Explorer contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the CRecalcProperty function in mshtml.dll references memory that has already been freed. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2007-12-11
|
Microsoft IE Object setExpression Function Memory Corruption
|
| Blogs: 30 |
53626
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
|
2009-04-14
|
Microsoft IE EMBED Element Handling Memory Corruption Arbitrary Code Execution
|
| Blogs: 29 |
62810
Description:
Microsoft Windows Internet Explorer contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when an attacker utilizes a remote memory-corruption vulnerability in Internet Explorer by inserting malicious code into a site; when Internet Explorer attempts to parse the attack page, the remote attacker gains the privileges of the currently logged-in user viewing the malicious site.
|
2010-03-09
|
Microsoft IE iepeers.dll Use-After-Free Arbitrary Code Execution
|
| Blogs: 28 |
51837
Description:
A memory corruption flaw exists in Exchange Server. It fails to validate TNEF data resulting in memory corruption. With a specially crafted message, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-02-10
|
Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNEF) Decoding Remote Code Execution
|
| Blogs: 27 |
46083
Description:
A memory corruption flaw exists in Internet Explorer. IE fails to validate HTML objects resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-06-10
|
Microsoft IE HTML Object Handling Memory Corruption Arbitrary Code Execution
|
| Blogs: 25 |
45031
Description:
A memory corruption flaw exists in Office. Word and Outlook fail to validate strings contained in RTF files resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-05-13
|
Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution
|
| Blogs: 25 |
39123
Description:
A stack overflow exists in Windows. The Message Queuing Service fails to validate information received via the RPC interface resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2007-12-11
|
Microsoft Windows Message Queuing MSMQ Message Handling Arbitrary Code Execution
|
| Blogs: 25 |
56910
Description:
(Description Provided by CVE) : The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
|
2009-08-11
|
Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote Code Execution
|
| Blogs: 24 |
57795
Description:
(Description Provided by CVE) : The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
|
2009-09-08
|
Microsoft Windows TCP/IP Implementation Queue Connection Saturation TCP State Table Remote DoS
|
| Blogs: 24 |
52073
Description:
A buffer overflow exists in Acrobat and Acrobat Reader. They fail to validate PDF files which use JBIG2 compression routines resulting in a buffer overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-02-20
|
Adobe Reader / Acrobat Document Handling JBIG2 Compression Overflow
|
| Blogs: 24 |
54386
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file that uses a PowerPoint 4.0 native file format, related to (1) an incorrect calculation from a record header, or (2) an integer that is used to specify the number of bytes to copy, aka "Legacy File Format Vulnerability."
|
2009-05-12
|
Microsoft Office PowerPoint PPT Importer (PP4X32.DLL) Legacy File Format Handling Multiple Overflows
|
| Blogs: 23 |
56693
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Memory Corruption Vulnerability."
|
2009-07-28
|
Microsoft IE timeChildren Object ondatasetcomplete Event Method Memory Corruption
|
| Blogs: 23 |
41463
Description:
(Description Provided by CVE) : Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual Basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.
|
2008-02-12
|
Microsoft Windows OLE Automation Unspecified Memory Corruption Remote Code Execution
|
| Blogs: 23 |
41445
Description:
(Description Provided by CVE) : Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.
|
2008-02-12
|
Microsoft IIS ASP Web Page Input Unspecified Arbitrary Code Execution
|
| Blogs: 23 |
41468
Description:
(Description Provided by CVE) : Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.
|
2008-02-12
|
Microsoft FoxPro ActiveX Web Page Parsing Unspecified Memory Corruption
|
| Blogs: 23 |
42730
Description:
A buffer overflow exists in Excel. The program fails to validate BIFF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-03-11
|
Microsoft Excel BIFF File Format Rich Text Tag Malformed Tag Memory Corruption
|
| Blogs: 23 |
54946
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via unspecified DHTML function calls related to a tr element and the "insertion, deletion and attributes of a table cell," which trigger memory corruption when the window is destroyed, aka "DHTML Object Memory Corruption Vulnerability."
|
2009-06-09
|
Microsoft IE DHTML tr Element Handling Crafted Method Memory Corruption
|
| Blogs: 22 |
44906
Description:
(Description Provided by CVE) : The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
|
2008-05-01
|
PHP cgi_main.c PATH_TRANSLATED Length Calculation Unspecified Issue
|
| Blogs: 22 |
40071
Description:
Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to an error in Local Security Authority Subsystem Service (LSASS). This flaw may lead to a loss of integrity.
|
2008-01-08
|
Microsoft Windows LSASS Crafted LPC Request Local Privilege Escalation
|
| Blogs: 22 |
39180
Description:
(Description Provided by CVE) : Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
|
2007-11-15
|
Samba nmbd Crafted GETDC mailslot Request Remote Overflow
|
| Blogs: 21 |
36451
Description:
(Description Provided by CVE) : WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks.
|
2007-08-01
|
Apple Safari / iPhone IDN Unicode Font Support Phishing Weakness
|
| Blogs: 21 |
67988
Description:
Windows contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered by a flaw in the Print Spooler service, which fails to restrict access to print spoolers via RPC.
|
2010-09-14
|
Microsoft Windows Print Spooler Service RPC Impersonation StartDocPrinter Procedure Remote Code Execution
|