The LIVE555 Media Server is prone to a remote denial-of-service vulnerability due to inadequate input sanitization. Attackers can exploit this vulnerability to crash the application, resulting in denial-of-service conditions.
JiRo's Banner System is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Liferay Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The ComponentOne FlexGrid ActiveX Control is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit these issues to cause denial denial-of-service conditions and possibly to execute arbitrary code, but this has not been confirmed.
Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
The AIDA Web application is prone to multiple unauthorized access vulnerabilities. An attacker could exploit these issues to obtain potentially sensitive information that could aid in further attacks.
This is an exploit for the MOAB-03-01-2007 vulnerability. It allows an attacker to execute arbitrary code on the target system. The exploit creates a fake FTP server and uses a specially crafted URL to execute the payload.
The software fails to sanitize a certain HTTP header when the data is redirected to an error message. An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.
The vulnerability is a buffer overflow that occurs when a user views a maliciously crafted webpage. By enticing a victim to view the webpage, a remote attacker can execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.
The GNU tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the 'alloca()' function. Successfully exploiting this issue allows attackers to crash the affected utilities and possibly to execute code, but this has not been confirmed. GNU tar and cpio utilities share the same vulnerable code and are both affected. Other utilities sharing this code may also be affected.
Services By CQR