History of vulnerabilities analyzed by Vigil@nce: QEMU: two vulnerabilities of VNC An attacker can use VNC in order to generate a denial of service or to execute code via QEMU... LibGd, PHP: memory corruption via gdGetColors An attacker can use an application linked to the GD library, in order to corrupt the memory, which generates a denial of service, and can possibly leads to code execution... Solaris: gain of file ownership on ZFS On a ZFS filesystem, a local attacker can gain ownership of a file that does not belong to him... Linux kernel: reading 2 bytes via tc_fill_node A local attacker can create a PF_NETLINK/NETLINK_ROUTE socket, in order to read two bytes coming from the kernel memory... Xpdf: multiple vulnerabilities An attacker can create a malicious PDF document leading to code execution on computer of users opening it with Xpdf, or its derivatives... Windows, Office, IE, SQL Server: several vulnerabilities of GDI A local or remote attacker can create malicious programs or images in order to generate a denial of service or code execution on victim's computer... Microsoft .NET: code execution An attacker can invite the victim to display a malicious web page with an XBAP web browser (such as Internet Explorer), in order to execute code on his computer... Microsoft Office: code execution via ATL Several vulnerabilities of Microsoft ATL (Active Template Library) impact Microsoft Office products... Windows: denial of service of LSASS via NTLM When authenticating to a server, a network attacker can send a malformed NTLM packet, in order to reboot it... Windows: privilege elevation A local attacker can use three vulnerabilities of the Windows kernel, in order to generate a denial of service or to execute code with system privileges... Microsoft Indexing Service: code execution An attacker can invite the victim using Indexing Service to connect to a malicious IIS web server, in order to execute code on his computer... Windows, IE: vulnerabilities of several Microsoft ActiveX Several Microsoft ActiveX can be used by a remote attacker to generate a denial of service or to execute code... Internet Explorer: multiple vulnerabilities Several vulnerabilities of Internet Explorer lead to code execution... Windows Media Player 6.4: code execution An attacker can invite the victim to open a malicious ASF document, in order to execute code on his computer... Windows Media Runtime: code execution An attacker can invite the victim to open a malicious audio document, in order to execute code on his computer... Windows: several vulnerabilities of SMBv2 An attacker can send a malicious SMB 2.0 packet, in order to execute code on the system, or to generate a denial of service... Unbound: non verification of NSEC3 When an attacker can spoof DNS packets, he can poison the Unbound cache with fake data... AWStats: Cross Site Scripting An attacker can use a Cross Site Scripting of AWStats in order to execute JavaScript code in the context of victim's web browser... CA Anti-Virus: code execution via arclib An attacker can create a malformed RAR archive, which corrupts the memory, in order to stop the Anti-Virus, or to execute code... VMware ACE, Player, Workstation: denial of service of vmware-authd An attacker can send a malicious authentication query to the vmware-authd service of VMware ACE, Player or Workstation in order to stop it... Adobe Reader, Acrobat: code execution An attacker can create a malicious PDF document in order to execute code on the computer of victims opening the document... AIX: buffer overflow of libcsa.a An attacker can use rpc.cmsd in order to generate an overflow in libcsa.a to execute code on the system... Linux kernel: denial of service via AX.25 A local attacker can use an AX.25 socket, in order to stop the system... Linux kernel: privilege elevation via eCryptfs A local attacker can create a hard link on an eCryptfs file system, in order to generate a denial of service, or to execute code... Apache httpd: denial of service under Solaris An attacker can open several sessions when Apache httpd is installed under Solaris, in order to stop it... OpenBSD: denial of service via XMM On an i386 processor, a local attacker can generate an XMM exception, in order to stop OpenBSD... FreeBSD: privilege elevation via devfs and VFS A local attacker can use devfs and VFS, in order to obtain kernel privileges... FreeBSD: privilege elevation via kqueue A local attacker can use close() and kqueue(), in order to obtain kernel privileges... Previous page Next pageDirect access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103