The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
ASP.NET 2.0: Cross Site Scripting of AutoPostBack
When AutoPostBack is activated, a Cross Site Scripting attack can be used on ASP.NET 2.0...
Office: several vulnerabilities
Four vulnerabilities of Office permit an attacker to execute code when a malicious document is open...
Excel: several vulnerabilities
Four vulnerabilities of Excel permit an attacker to execute code when a malicious document is open...
Word: several vulnerabilities
Four vulnerabilities of Word permit an attacker to execute code when a malicious document is open...
PowerPoint: several vulnerabilities
Four vulnerabilities of PowerPoint permit an attacker to execute code when a malicious document is open...
Python: memory corruption via repr
When the repr() function works on data coming from attacker, he can use an UTF-32/UCS-4 character to generate an overflow of 4 bytes...
PHP: bypassing directives using ini_restore
A local attacker can use ini_restore() to bypass directives of Apache configuration...
OpenBSD, NetBSD: integer overflow of systrace
A local attacker can use the STRIOCREPLACE operation of systrace() in order to generate a denial of service, to read a memory fragment, or to elevate his privileges...
X.Org: xdm session error file reading
A local attacker can read the xdm session error file of another user...
Solaris: packets capture via link aggregation
A local attacker can capture network packets when link aggregation is activated...
Mono: file corruption via System.CodeDom.Compiler
A local attacker can use a symlink in order to create or alter a file during the usage of System.CodeDom.Compiler classes of Mono...
Symantec: vulnerability of the Support Tool ActiveX
The ActiveX provided by Symantec for technical support of some products can be used by an attacker to obtain information or to execute code...
Symantec: privilege elevation via 3 IOCTL of NAVENG.SYS
A local attacker can obtain system privileges with several Symantec products using NAVENG.SYS or NAVEX15.SYS...
Linux kernel: denial of service of ATM clip_mkip
An attacker can create an error in the clip_mkip() function in order to stop systems with ATM activated...
Linux kernel: denial of service of DVB
An attacker can send a malformed ULE packet in order to stop systems where DVB is activated...
Linux Kernel: denial of service of SCTP
The patch for the VIGILANCE-VUL-6114 vulnerability permits a local attacker to generate a denial of service...
Linux kernel: denial of service on Itanium via perfmonctl
On an Itanium processor, a local attacker can call perfmonctl() in order to consume all file descriptors...
PHP: integer overflow of _ecalloc
An attacker who can control memory allocation via _ecalloc() may execute code on the web server...
MaxDB, SAP-DB: buffer overflow of WebDBM
An attacker can use a long database name in order to generate an overflow in WebDBM...
PHP: open_basedir bypass with symlink
An attacker can create a PHP program using symlink() to bypass open_basedir restriction...
Solaris: denial of service of Kernel SSL Proxy
An attacker can use a special SSL client in order to stop kernels with the Kernel SSL Proxy activated...
OpenSSL: vulnerability of patch CVE-2006-2940
A patch for VIGILANCE-VUL-6185 is incorrect and introduces a new vulnerability...
HP-UX: vulnerability of Ignite-UX
A vulnerability of Ignite-UX permits a remote attacker to obtain root privileges on the system...
McAfee ePO, ProtectionPilot: buffer overflow of Source
An attacker can use a HTTP request containing a long Source field on order to generate an overflow in McAfee ePO or ProtectionPilot...
WebSphere AS 5.1.1: several vulnerabilities
Several vulnerabilities of WebSphere AS permit an attacker to obtain information...
phpMyAdmin: vulnerabilities of XSRF protection
An attacker can use a XSRF in order to achieve a database operation action with rights of connected phpMyAdmin user...
Informix DS: file corruption during installation
A local attacker can edit some files during Informix Dynamic Server installation...
Cscope: several overflow
Several overflow of Cscope permit an attacker to execute code on computers of users accepting to use it on an insecure environment...

   

Direct access to page 1 21 41 61 81 101 121 141 154 155 156 157 158 159 160 161 162 164 166 167 168 169 170 171 172 173 174 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1047