Microsoft MSN Messenger is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions.
Weaknesses in the random-number generator of BIND 8 allows an attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks.
The Calendar Events application is vulnerable to an SQL injection attack. By supplying malicious input in the 'id' parameter of the 'viewevent.php' page, an attacker can manipulate the SQL query to execute arbitrary SQL code. This can lead to unauthorized access, data manipulation, or exploitation of other vulnerabilities in the database.
Motorola Timbuktu Pro is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to delete or create arbitrary files with SYSTEM-level privileges. This could completely compromise affected computers.
The AutoIndex PHP Script is vulnerable to a cross-site scripting (XSS) attack due to insufficient sanitization of user-supplied input data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, within the context of the affected site. This can lead to the theft of cookie-based authentication credentials and the launch of further attacks.
The Thomson SpeedTouch 2030 device is prone to a denial-of-service vulnerability. This vulnerability is caused by the device's failure to handle specially crafted SIP INVITE messages. By exploiting this issue, remote attackers can cause the device to stop responding, denying service to legitimate users.
Media Player Classic is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data. Attackers may attempt to exploit this issue by coercing users to access malicious FLI files. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the user running the affected application. This facilitates the remote compromise of affected computers.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.For the buffer-overflow vulnerability, the attacker opens the 'vavoombasevdoom2config.cfg' file, and adds the following lines:'alias bof "say aaa...(992_'a's)...aaa" name ''aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'' '
Vavoom is prone to multiple remote vulnerabilities, including a buffer-overflow issue, a format-string issue, and a denial-of-service issue. An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.
Services By CQR