The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
IE: several vulnerabilities
Several vulnerabilities of Internet Explorer lead to code execution...
Excel: code execution via Workspace
An attacker can create a malicious Excel document leading to code execution when it is opened...
Windows, Office, VB: memory corruption of OLE Automation
An attacker can create a malicious HTML document using OLE Automation in order to execute code on computer of victim...
Windows, Office: memory corruption of XML Core Services
An attacker can create a malicious HTML document using MSXML in order to execute code on computer of victim...
Apache Tomcat: Cross Site Scripting of Host Manager
An attacker can use the Host Manager servlet in order to exploit a Cross Site Scripting attack...
Apache Tomcat: incorrect filtering of cookie
An attacker can obtain value of victim's cookies by using special characters...
Apache Tomcat: Cross Site Scripting of SendMailServlet
The SendMailServlet example can be used to generate Cross Site Scripting attacks...
IE: password saved in FTP documents
When a HTML document is downloaded by FTP, url containing password is added in the document...
AIX: buffer overflow of at
A local attacker can obtain root privileges by exploiting an overflow of at...
AIX: buffer overflow of fileplace
A local attacker can obtain root privileges by exploiting an overflow of fileplace...
AIX: several vulnerabilities of configuration commands
A local attacker can generate buffer overflows in chpath, rmpath and devinstall commands in order to obtain root privileges...
Norton AntiVirus, Internet Security: code execution via two ActiveX
Two ActiveX provided by Norton products can permit an attacker to execute code...
HP OpenView: several buffer overflows of OVTrace
Several buffer overflow permit a network attacker to execute code on Hewlett-Packard OpenView via OVTrace...
Linux kernel: video access via i965
When system has a Intel 965G video chipset, a local attacker can send malicious commands to it...
Cisco IOS: several vulnerabilities of VoIP
Several vulnerabilities affect SIP, MGCP, H.323, H.254, RTP and Facsimile protocols...
Cisco IOS: reading memory and denial of service via IPv6 Routing Header
An attacker can send an IPv6 packet containing a special Routing Header in order to read a fragment of memory or to create a denial of service...
Cisco IOS: buffer overflow of NHRP
An attacker can generate an overflow in Next Hop Resolution Protocol in order to create a denial of service or eventually to execute code...
Cisco IOS: transfer via Secure Copy
An authenticated attacker can transfer any IOS file via scp...
HP-UX: buffer overflow of ldcconn
A network attacker can generate an overflow in ldcconn in order to execute code on computer...
Asterisk: denial of service via Skinny
An authenticated attacker can generate a denial of service on Asterisk...
PHP: buffer overflow of msql_connect
An attacker can create a script using msql_connect() in order to execute code...
AIX: buffer overflow of rmpvc
A local attacker can use rmpvc in order to stop the system and eventually to elevate his privileges...
IE: vulnerabilities of several ActiveX of August 2007
Several ActiveX permit a remote attacker to generate a denial of service or to execute code...
Sun Java System Web Server: injection via redirect
In some redirect configurations, an attacker can inject HTTP data in a session...
Panda Antivirus: privilege elevation
A local attacker can obtain LocalSystem privileges by creating a Trojan horse in the antivirus installation directory...
Apache Tomcat 3: Cross Site Scripting of CookieExample
An attacker can create a link generating an error on the Tomcat server in order to create a Cross Site Scripting on the client...
HP-UX: denial of service of ARPA
A local attacker can generate a denial of service by using the ARPA protocol...
OpenSSL: vulnerability of Montgomery
A local attacker can obtain information when a Montgomery reduction is computed...
Qt: format string attack in QTextEdit
An attacker can create special data in order to generate a format string attack in QTextEdit...
GDM: denial of service via the Unix socket
A local attacker can send an invalid message to the Unix socket of GDM in order to stop it...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 183 184 185 186 187 188 189 190 191 193 195 196 197 198 199 200 201 202 203 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1090