The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
nss-ldapd: obtaining the password
A local attacker can read the configuration file of nss-ldapd in order to obtain the password used to connect to the LDAP server...
phpMyAdmin: several vulnerabilities
Several phpMyAdmin vulnerabilities can be used by an attacker to read or alter a file, or to create a Cross Site Scripting...
Adobe Acrobat/Reader: code executions via JBIG2
An attacker can create a PDF file containing a malicious JBIG2 image in order to execute code on the computer of victims opening the document...
HP-UX: privilege elevation via VERITAS
A local attacker can elevate his privileges via a vulnerability of VERITAS File System or VERITAS Oracle Disk Manager...
OpenView NNM: code execution
A remote attacker can execute code on the server using several vulnerabilities of HP OpenView Network Node Manager...
Linux kernel: reading memory on eCryptfs
A local attacker can read fragments of kernel memory by reading a file on eCryptfs...
Linux kernel: privilege elevation via nfsd
A NFS client can create special files via mknod()...
Secure Web SmartFilter: information disclosure
Passwords are stored in clear form in some files of Secure Computing Secure Web SmartFilter...
FreeBSD: denial of service via kenv
A local attacker can use kenv() in order to stop the system...
FreeBSD: integer overflow via ktimer
A local attacker can elevate his privileges by generating an integer overflow in ktimer...
BIND: incorrect handling of DNSSEC DLV
The BIND DNS server handles unknown DNSSEC algorithms as signature errors...
Little CMS: several vulnerabilities
An attacker can create a malicious image in order to execute code on the computer of a victim opening it with a Little CMS application...
Ghostscript: integer overflows via ICC
An attacker can invite the victim to open a malicious PDF or PS file with Ghostscript in order to execute code with the victim's privileges...
Adobe Acrobat/Reader: code execution via getIcon
An attacker can create a PDF document containing malicious JavaScript code in order to execute code on the computer of victims opening the document...
Adobe Reader 7: several vulnerabilities
Several vulnerabilities were announced in Adobe Acrobat/Reader...
pcAnywhere: format string attack
A local attacker can generate a format string attack in pcAnywhere in order to create a denial of service, and possibly to execute code...
Lotus Notes: buffer overflow via WordPerfect
An attacker can invite the victim to open a malicious WordPerfect file in order to execute code in Lotus Notes...
PostgreSQL: denial of service via the encoding conversion
An attacker authenticated on PostgreSQL can generate an error during the character encoding conversion in order to create a temporary denial of service...
Solaris: denial of service of UFS
A local attacker can generate errors in the ufs_getpage() and ufs_putpage() functions in order to create a denial of service...
Solaris: denial of service of KDC
An unauthenticated attacker allowed to access the master Key Distribution Center can create a denial of service on slaves...
GNOME Evolution: denial of service via NTLM SASL
A malicious server can stop the GNOME Evolution client...
Solaris: denial of service of keysock
A local attacker can use the keysock kernel module to stop the system...
WebSphere AS: reading WEB-INF and META-INF
An attacker can read the content of WEB-INF and META-INF directories of WebSphere Application Server...
glib: integer overflows via base64
An attacker can use a long base64 string in order to generate a denial of service or code execution in applications linked to glib...
ModSecurity: denials of service
An attacker can create two denials of service in Apache httpd via the ModSecurity module...
SARG: several vulnerabilities
Several Squid Analysis Report Generator vulnerabilities can be used by a remote attacker to execute code on the server...
Solaris: vulnerabilities of Doors
A local attacker can create a denial of service, access files or execute code via vulnerabilities of the Doors subsystem...
Cisco Unified Communications Manager: obtaining the password
A privileged password is sent in clear by Cisco Unified Communications Manager...
IBM TSM: buffer overflow of adsmdll.dll
An attacker can generate an overflow in Tivoli Storage Manager Server in order to execute code...
Solaris: file access via NFSv3
When NFSv3 is enabled on the server, and when several security modes are configured, a client can access shared files...

   
