The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Firefox: bypassing phishing protection
An attacker can use an IFRAME to bypass Firefox protection against phishing...
Windows: buffer overflow via an animated cursor
An attacker can create a malicious cursor leading to code execution when it is displayed...
NetBSD: buffer overflow of iso
A local attacker can generate an overflow in clnp_route() in order to elevate his privileges or to generate a denial of service...
TrueCrypt: unchecked mount point
Under Linux, a local attacker can mount a volume on a sensitive directory in order to generate a denial of service or to create a Trojan...
Lotus Domino: several vulnerabilities
Several vulnerabilities were announced in Lotus Domino...
FreeBSD: buffer overflow of mcweject
A local attacker can use mcweject in order to obtain root privileges...
Linux kernel: reading memory via do_dccp_getsockopt
A local attacker can read a DCCP socket in order to read fragments of kernel memory...
Windows Vista: network vulnerabilities
Several network vulnerabilities were described in Windows Vista...
Linux kernel: denial of service of setsockopt on IPv6
A local attacker can use setsockopt() on an IPv6 socket to stop the kernel...
PHP: header injection in mail
An attacker can inject mail headers using the To and Subject parameters of mail()...
PHP: mail truncation
An attacker can inject a null character in the body of a message sent with the mail() function...
Windows: traffic redirection via WPAD
An attacker can register the WPAD name in the DNS or WINS server in order to redirect web traffic of victims...
Microsoft MDAC, IE: memory corruption via ADODB.Recordset.NextRecordset
An attacker can use the NextRecordset() method of ADODB.Recordset in order to execute code on the victim's computer...
OpenView NNM: code execution
A remote attacker can execute code on the server using a vulnerability of HP OpenView Network Node Manager...
PHP: double free in session_decode
An attacker can generate a double memory free in session_decode() in order to execute code...
Sun Java System Directory Server: denial of service of ns-ldap
An attacker can send a malicious LDAP query in order to stop the service...
Linux kernel: denial of service via IPV6_FLOWLABEL_MGR
A local attacker can create an IPv6 socket with the IPV6_FLOWLABEL_MGR option in order to stop the system...
Windows Mail: command execution
When the user clicks on a command which has the same name as a directory, it is executed without warning...
PHP: reading memory with unserialize
A local attacker can use the unserialize() function to read fragments of process memory...
Inkscape: format string attacks
An attacker can generate several format string attacks in Inkscape...
Evolution: format string attack via a Memo
An attacker can create a malicious shared Memo, and invite the victim to open it in order to create a denial of service or to execute code...
Tomcat: data injection via Content-Length
An attacker can use two Content-Length headers in order to alter the behaviour of HTTP data analysis...
Asterisk: denial of service via Response
An attacker can stop Asterisk by replying with a special response...
WebSphere AS: linefeed injection
An attacker can inject data in the HTTP stream using linefeeds...
Squid: denial of service via TRACE
An attacker can use a TRACE query in order to stop Squid...
PHP: code execution via a stream handler
An attacker can alter a resource in the stream handler in order to execute code...
Network Audio System: several vulnerabilities
Several vulnerabilities permit a network attacker to stop nasd...

   
