The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Solaris: denial of service via DTrace
A local attacker allowed to execute DTrace programs can stop system...
HP-UX: denial of service of ARPA
A remote attacker can generate a denial of service by using the ARPA protocol...
Xpdf, gpdf: integer overflow of StreamPredictor
An attacker can create a malicious PDF document generating an integer overflow in the StreamPredictor class of Xpdf and of its derivatives...
Firefox, SeaMonkey, Thunderbird: code execution
An attacker can exploit two vulnerabilities in Firefox browser family in order to execute code...
Asterisk: denial of service via IAX2
An attacker can use several calls in order to generate a denial of service on Asterisk...
Solaris: information disclosure via finger
An attacker can obtain, via finger, information on users without knowing their names...
PHP, t1lib: buffer overflow of imagepsloadfont, intT1_Env_GetCompletePath
An attacker can create a PHP script using imagepsloadfont(), or use a program linked to T1Lib, in order to execute code...
Nessus: vulnerabilities of ActiveX
An attacker can create a HTML page using Nessus ActiveX in order to delete or to create a file on victim's computer...
Novell Client: buffer overflow of NWSPOOL.DLL
Several vulnerabilities of NWSPOOL.DLL permit a RPC attacker to execute code on computer...
vim: format string attack via helptags
An attacker can invite victim to use helptags on malicious data in order to generate a format string attack in vim...
libvorbis: memory corruptions
An attacker can create a malicious Ogg Vorbis file generating several memory corruptions in libvorbis...
lighttpd: several denials of service
An attacker can generate several denials of service in lighttpd...
Drupal: several vulnerabilities
Several vulnerabilities of Drupal lead to Cross Site Request Forgery or Cross Site Scripting attacks...
AIX: buffer overflow of capture
A local attacker can elevate his privileges via an overflow of capture command...
AIX: privilege elevation via pioout
A local attacker can use the pioout command to load a malicious library, and run code with root privileges...
AIX: privilege elevation via pioinit
A local attacker member of bin group can change pioinit in order to obtain root privileges...
AIX: buffer overflow of lpd
A local attacker can elevate his privileges via an overflow of lpd command...
AIX: buffer overflow of ftp
A local attacker can elevate his privileges via an overflow of ftp command...
AIX: buffer overflow of arp
A local attacker can elevate his privileges via an overflow of arp command...
Solaris: reading files via lbxproxy
A local attacker can use lbxproxy in order to read some system files...
Thunderbird: command execution via mailto, nntp, news and snews
An attacker can use mailto, nntp, news and snews uris to install a malicious module under Windows...
Sun Java System AS: JSP source code disclosure
An attacker can use a special url in order to obtain source code of JSP applications...
Firefox, Netscape: command execution via mailto, nntp, news and snews
An attacker can use mailto, nntp, news and snews uris to inject commands under Windows...
Computer Associates AV: denial of service via CHM
An attacker can create a malicious CHM file generating an infinite loop in the antivirus...
Kaspersky AV: deactivating via date
A local attacker can change system date in order to deactivate antivirus...
Cisco WLC: several denials of service via ARP
Several denials of service can be generated on Cisco Wireless LAN Controller via ARP packets...
Panda AV: memory corruption of AdminSecure
An attacker can connect to the AdminSecure port in order to generate an overflow leading to code execution...
BIND 9: predictability of query ids
An attacker can predict query ids in order for example to poison the DNS server cache...
BIND: incorrect default ACL
Default ACLs for allow-query-cache and allow-recursion are too permissive...
WebSphere AS 6.0.2: several vulnerabilities
Several vulnerabilities of WebSphere AS permit an attacker to obtain information, to create denial of service or to attack the service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 182 183 184 185 186 187 188 189 190 192 194 195 196 197 198 199 200 201 202 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1090