The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Sophos AV: denial of service via Packer
An attacker can create a malicious Packed binary in order to create a denial of service and possibly to execute code in Sophos AV...
F-Prot AV: denial of service via ELF
An attacker can create a malicious ELF binary in order to create a denial of service and possibly to execute code in F-Prot AV...
Avast AV: memory corruption via ISO and RPM
An attacker can create malicious ISO or RPM files in order to execute code in Avast antivirus...
HP-UX: denial of service of DCE
A network attacker can create a denial of service in DCE...
Linux kernel: buffer underflow of IB700
A local attacker can use the IB700 card in order to create a denial of service or to elevate his privileges...
Internet Explorer: code execution via XML / DHTML Data Bindings
An attacker can invite the victim to display with Internet Explorer a web document using malformed data, in order to execute code on his computer...
Linux kernel: buffer overflow of Applicom
A local attacker can create a buffer overflow in the Applicom driver in order to elevate his privileges...
WordPad: code execution via Text Converter
An attacker can invite the victim to open a malicious Word 97 document with WordPad in order to execute code on his computer...
phpMyAdmin: SQL injection
An attacker can create a HTML page and invite the victim connected to phpMyAdmin to display it, in order to inject SQL data...
Microsoft Office SharePoint: access to the administration interface
An attacker can access to a part of the administration interface of Microsoft Office SharePoint...
Windows Media: code execution
Two vulnerabilities of Windows Media components can be used by an attacker to execute code...
Windows Search: code execution
An attacker can use two vulnerabilities of the Windows Search feature in order to execute code on victim's computer...
Excel: several vulnerabilities
Three vulnerabilities of Excel can be used by an attacker to execute code on computers of victims accepting to open a malicious file...
Internet Explorer: four vulnerabilities
Four vulnerabilities of Internet Explorer lead to code execution...
Word, Outlook: several vulnerabilities
Eight vulnerabilities of Word can be used by an attacker to execute code on computers of victims accepting to open a malicious file...
Windows: two vulnerabilities of GDI
An attacker can create a malicious WMF image in order to generate a denial of service or code execution on victim's computer...
Microsoft Visual, FrontPage, Project: vulnerabilities of ActiveX
Six vulnerabilities impact the ActiveX provided with Visual Basic 6.0 Runtime Extended...
PHP: code execution via proc_open
A local attacker can use proc_open() to execute a command with the privileges of the web server...
BMC Patrol Agent: format string attack
An attacker can use a format string attack of BMC Patrol Agent in order to execute code on the service...
Microsoft SQL Server: privilege elevation via sp_replwritetovarbin
An attacker can use sp_replwritetovarbin to corrupt the memory in order to execute code with privileges of SQL Server...
ArubaOS: denial of service via EAP
An attacker can send a malicious EAP frame in order to create a denial of service in Aruba Mobility Controller...
IE: vulnerabilities of several ActiveX of December 2008
Several ActiveX can be used by a remote attacker to generate a denial of service or to execute code...
MIME: denial of service by encapsulation
An attacker can create an email containing deep MIME encapsulations in order to create a denial of service in several applications...
PHP: vulnerability of magic_quotes_gpc
The magic_quotes_gpc directive is not honoured in PHP version 5.2.7...
Linux kernel: denial of service via listen
A local attacker can use listen() in order to generate an infinite loop in the kernel...
Acrobat 9: quickest brute force attack
An attacker can use a quickest brute force attack in order to decrypt documents encrypted by Acrobat...
AWStats: Cross Site Scripting
An attacker can use a Cross Site Scripting of AWStats in order to execute JavaScript code in the context of victim's web browser...
D-Bus: sending a message
The default D-Bus policy allows an application to send a message...
WebSphere AS 6.1: several vulnerabilities
Several vulnerabilities of WebSphere AS can be used to attack the service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 224 225 226 227 228 229 230 231 232 234 236 237 238 239 240 241 242 243 244 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1011