The 'libgtop2' library is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying into an insufficiently sized memory buffer. An attacker may exploit this issue by enticing victims into viewing a maliciously crafted system process with an application that uses the affected library. Successful exploits may cause arbitrary code to run with the privileges of the victim. Failed exploit attempts will likely cause denial-of-service conditions.
The InstantForum.NET application is prone to multiple cross-site scripting vulnerabilities due to inadequate input sanitization. Attackers can exploit these vulnerabilities to steal cookie-based authentication credentials and launch further attacks.
RealPlayer is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted files. Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users. Arbitrary code execution might be possible, but this is not confirmed.
The vulnerability exists in Apple Mac OS X when handling a DMG image containing a specially crafted HFS+ filesystem. By exploiting this vulnerability, an attacker can cause a kernel panic, leading to a denial-of-service condition.
The vulnerability occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit can cause kernel panic, resulting in a denial-of-service condition.
All In One Control Panel is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Ezboxx is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. The vulnerabilities include an SQL-injection issue, multiple cross-site scripting issues, and a path-disclosure issue. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, retrieve sensitive information, access or modify data, or exploit latent vulnerability in the underlying database implementation.
The Oracle ORADC ActiveX control is prone to a remote code-execution vulnerability. Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
The vulnerability exists in the UFS filesystem handler of Apple Mac OS X. It can be exploited by sending specially crafted DMG images. A successful exploit can result in a denial-of-service condition by causing kernel panic.
WinZip is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it into an insufficiently sized buffer. An attacker may exploit this issue to cause denial-of-service conditions and possibly to execute arbitrary code within the context of the affected application, but this has not been confirmed.