The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Windows: information disclosure via ReadDirectoryChangesW
An authenticated attacker can use the ReadDirectoryChangesW() function to obtain the name of modified files located in an unreadable directory...
Nortel SSL VPN Net Direct Client: privilege elevation
A local attacker can obtain root privileges via several vulnerabilities of Unix VPN client...
GnuCash: file corruption
A local attacker can alter files with rights of GnuCash users via a symbolic link...
Ekiga: format string attack of gm_main_window_flash_message
An attacker can execute code by generating a format string attack in Ekiga...
Firefox: window spoofing via about blank
An attacker can use Javascript code to spoof a window via about:blank...
GnomeMeeting: format string attack of gnomemeeting_log_insert
An attacker can execute code by generating a format string attack in GnomeMeeting...
Linux kernel: denial of service of nfsacl
An attacker can connect to a NFS share and generate a denial of service...
Snort: buffer overflow of DCE/RPC pre-processor
An attacker can send a malicious packet in order to execute code on Snort...
Oracle DB: brute force attack on a v9 authentication
An attacker can force a version 9 authentication type in order to obtain an encrypted block for a brute force attack against the password...
ClamAV: denial of service and file altering
An attacker can create a document whose analyze generates a denial of service or creates/overwrites a file...
SpamAssassin: denial of service via an uri
An attacker can create a HTML email containing a very long uri in order to generate a denial of service of SpamAssassin...
Firefox: changing location.hostname
A HTML page can change location.hostname in order to bypass some restrictions...
AIX: buffer overflow of swcons
A local attacker can elevate his privileges using swcons...
ImageMagick: memory corruption of PALM
An attacker can create a malicious PALM image leading to code execution on computers of ImageMagick users...
FreeBSD: denial of service of NFS
An attacker can connect to a NFS share and generate two denials of service...
Linux kernel: denial of service of key_alloc_serial
A local attacker can stop system by generating numerous cryptographic keys...
PHP 4: several vulnerabilities
An attacker can use several vulnerabilities of PHP in order to conduct a denial of service, to execute code or to obtain information...
Cisco IOS, CatOS: multiple vulnerabilities of FWSM
Several vulnerabilities permit an attacker to generate a denial of service or to execute code...
Cisco PIX, ASA: multiple vulnerabilities
Several vulnerabilities permit an attacker to generate a denial of service of to elevate his privileges...
Word: code execution
An attacker can create a malicious Word document leading to code execution when it is opened...
Solaris: denial of service of tcp_clean_death
An attacker can generate a high rate TCP throughput in order to cause an error in tcp_clean_death()...
Solaris: denial of service of tcp_close
An attacker can generate a high rate TCP throughput in order to cause an error in tcp_close()...
HP-UX: file creation via SLSd
A network attacker can connect to SLSd to create a file on system with rights of root...
HP-UX: denial of service of ARPA
A local attacker can generate a denial of service by using the ARPA protocol...
Word: code execution 6
An attacker can create a malicious Word document leading to code execution when it is opened...
Word: code execution 5
An attacker can create a malicious Word document leading to code execution when it is opened...
Windows, Office: memory corruption via RTF and RichEdit
An attacker can create a RTF document containing malicious OLE data in order to execute code on victim's computer, via a vulnerability of RichEdit...
Windows, Visual Studio: memory corruption via RTF and MFC
An attacker can create a RTF document containing malicious OLE data in order to execute code on victim's computer, via a vulnerability of MFC...
Windows: memory corruption via RTF and OLE Dialog
An attacker can create a RTF document containing malicious OLE data in order to execute code on victim's computer, via a vulnerability of OLE Dialog...
Microsoft Antigen, Forefront, Windows Defender, Live OneCare: integer overflow of mpengine.dll
An attacker can create a malicious PDF document in order to execute code in products using the Microsoft Malware Protection engine...

   

Direct access to page 1 21 41 61 81 101 121 141 161 166 167 168 169 170 171 172 173 174 176 178 179 180 181 182 183 184 185 186 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1092