The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Tomcat: Cross Site Scripting of documentation
An attacker can use the example provided in the documentation in order to generate a Cross Site Scripting attack...
Tru64 UNIX: detection of users via SSH
An attacker can use the SSH service to obtain names of valid users...
JDK: buffer overflow via a BMP or JPG image
An attacker can create a malicious BMP or JPG image in order to execute code on the computers of victims who open it with a JDK application...
WebLogic, Tuxedo: several vulnerabilities
An attacker can exploit several vulnerabilities of WebLogic Server/Express and Tuxedo...
IDS: bypassing IDS with half or full width characters
An attacker can use half or full width Unicode characters in order to bypass several IDS...
Samba: several vulnerabilities
Several vulnerabilities were announced in Samba, the worst of which permits a remote attacker to execute code...
Linux kernel: denials of service of nfnetlink_log
An attacker can generate four denials of service via the nfnetlink_log() function...
CA Anti-Virus: several buffer overflows
A local or remote attacker can exploit several buffer overflows in antivirus products of Computer Associates...
Solaris: information disclosure via srsexec
A local attacker can obtain the first line of a file with srsexec...
Tomcat: Anonymous Cipher allowed
By default, a client can establish an SSL session using an Anonymous Cipher...
Tomcat: Cross Site Scripting of Accept-Language
An attacker can use a malicious Accept-Language header, in order to generate a Cross Site Scripting attack in certain cases...
Tomcat: vulnerability of deprecated connectors
Two vulnerabilities of HTTP and AJP connectors permit an attacker to obtain information...
SquirrelMail: several vulnerabilities
Several Cross Site Scripting or interpretation errors of Internet Explorer have been found in SquirrelMail...
MySQL: denial of service via IF
A local attacker can use a special query in order to stop MySQL...
pcAnywhere: credential disclosure
A local administrator can obtain authentication credentials of users who connected to pcAnywhere...
Symantec Norton: vulnerability of NAVOpts.dll
An attacker can load NAVOpts.dll in a web browser in order to generate an error that then permits loading other ActiveX controls...
McAfee Security Center: buffer overflow of IsOldAppInstalled
An attacker can generate an overflow in the MCSUBMGR.DLL ActiveX...
AMaViS, Avast, Panda: denial of service via a ZOO archive
An attacker can create a malicious ZOO archive generating an infinite loop in several software products...
Cisco IOS: vulnerabilities of FTP
Two vulnerabilities of FTP service permit an attacker to access files or to create a denial of service...
Python: reading memory via locale.strxfrm
An attacker can generate an overflow in the PyLocale_strxfrm() function in order to force Python to return a memory fragment...
PoPToP: denial of service via GRE
An attacker can send a malicious sequence of GRE packets in order to stop PoPToP...
Dovecot: reading gzipped file
An attacker can read some gzipped files with the zlib plug-in of Dovecot...
Solaris: denial of service via ACE_SETACL
A local attacker can use the acl/facl() function with a negative parameter in order to stop the system...
Tru64 UNIX: privilege elevation via dop
A local attacker can use the dop program in order to execute commands with root privileges...
IE: vulnerability of CAPICOM.Certificates
An attacker can exploit a vulnerability of CAPICOM.Certificates in order to execute code on victim's computer...
IE: several vulnerabilities
Several vulnerabilities of Internet Explorer lead to code execution...
Exchange: several vulnerabilities
Several vulnerabilities affect Exchange, the worst one leading to code execution...
Office: code execution via a drawing
A vulnerability of Office permits an attacker to execute code on the computers of victims who agree to open a malicious file...
Word: several vulnerabilities
Three vulnerabilities of Word permit an attacker to execute code on the computers of victims who agree to open a malicious file...
Excel: several vulnerabilities
Three vulnerabilities of Excel permit an attacker to execute code on the computers of victims who agree to open a malicious file...

   
