OVALdb logo

Professional OVAL Repository

Skip Navigation LinksOVAL > OVAL Definitions

Search Conditions:  Class: vulnerability

Page 1 of 6990 (279600 items)Предыдущая1234567698869896990Следующая
OVALid 
Version 
Title 
Class 
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
xv
oval:org.mitre.oval:def:99835Solaris Xorg Privilege Escalation via Pixmaps Vulnerabilityvulnerability
oval:org.mitre.oval:def:99286Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:99242HP-UX Running on Itanium Platforms Local Denial of Service (DoS)vulnerability
oval:org.mitre.oval:def:99146Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.vulnerability
oval:org.mitre.oval:def:98986The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.vulnerability
oval:org.mitre.oval:def:98476The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.vulnerability
oval:org.mitre.oval:def:98286Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.vulnerability
oval:org.mitre.oval:def:98136Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:9806NTLM Authentication BO in Squid Web Proxy Cachevulnerability
oval:org.mitre.oval:def:97556Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.vulnerability
oval:org.mitre.oval:def:97316The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:97296Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."vulnerability
oval:org.mitre.oval:def:97137libpng Malformed PNG Image Vulnerabilityvulnerability
oval:org.mitre.oval:def:970156Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.vulnerability
oval:org.mitre.oval:def:9724tcpdump Delete Payload in ISAKMP Packets Vulnerabilityvulnerability
oval:org.mitre.oval:def:97469IE Frame Domain Verification Vulnerabilityvulnerability
oval:org.mitre.oval:def:96936Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."vulnerability
oval:org.mitre.oval:def:97539Red Hat OpenSSL do_change_cipher_spec Function Denial of Servicevulnerability
oval:org.mitre.oval:def:96846Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.vulnerability
oval:org.mitre.oval:def:9764tcpdump Identification Payload in ISAKMP Packets Vulnerabilityvulnerability
oval:org.mitre.oval:def:96726Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."vulnerability
oval:org.mitre.oval:def:9774Multiple BO Vulnerabilities in LHA get_header Functionvulnerability
oval:org.mitre.oval:def:9784Multiple Directory Traversal Vulnerabilities in LHAvulnerability
oval:org.mitre.oval:def:9793Utempter Directory Traversal Vulnerabilityvulnerability
oval:org.mitre.oval:def:9866Gopher Client Buffer Overflowvulnerability
oval:org.mitre.oval:def:96367IE File Upload Vulnerabilityvulnerability
oval:org.mitre.oval:def:96216Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.vulnerability
oval:org.mitre.oval:def:9824Ethereal Denial of Service via SIP Messagesvulnerability
oval:org.mitre.oval:def:98328Windows XP IIS Out of Process Privilege Elevation Vulnerabilityvulnerability
oval:org.mitre.oval:def:98440Racoon Denial of Service via Large Length Fieldvulnerability
oval:org.mitre.oval:def:98569IE6 DHTML Method Call Memory Corruption (WinXP)vulnerability
oval:org.mitre.oval:def:9864Ethereal AIM Dissector Vulnerabilityvulnerability
oval:org.mitre.oval:def:95856Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."vulnerability
oval:org.mitre.oval:def:95826Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.vulnerability
oval:org.mitre.oval:def:9874Ethereal SPNEGO Dissector Vulnerabilityvulnerability
oval:org.mitre.oval:def:9884Ethereal MMSE Dissector Vulnerabilityvulnerability
oval:org.mitre.oval:def:95656Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.vulnerability
oval:org.mitre.oval:def:98966Microsoft Outlook Express 6,SP1 News Reading Vulnerabilityvulnerability
oval:org.mitre.oval:def:9973IE v6.0 Content Disposition/Type Arbitrary Code Executionvulnerability
oval:org.mitre.oval:def:95466Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.vulnerability
Page 1 of 6990 (279600 items)Предыдущая1234567698869896990Следующая

company ALTEX-SOFT 2008-2020, © AO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.