OVALdb logo

Professional OVAL Repository

Skip Navigation LinksOVAL > OVAL Definitions

Search Conditions:  Version: 6

Page 1 of 232 (9242 items)Предыдущая1234567230231232Следующая
OVALid 
Version 
Title 
Class 
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
xv
oval:org.mitre.oval:def:99286Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:99146Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.vulnerability
oval:org.mitre.oval:def:98986The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.vulnerability
oval:org.mitre.oval:def:98476The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.vulnerability
oval:org.mitre.oval:def:98286Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.vulnerability
oval:org.mitre.oval:def:98136Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:9806NTLM Authentication BO in Squid Web Proxy Cachevulnerability
oval:org.mitre.oval:def:97556Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.vulnerability
oval:org.mitre.oval:def:97316The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.vulnerability
oval:org.mitre.oval:def:97296Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."vulnerability
oval:org.mitre.oval:def:96936Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."vulnerability
oval:org.mitre.oval:def:96846Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.vulnerability
oval:org.mitre.oval:def:96726Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."vulnerability
oval:org.mitre.oval:def:96216Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.vulnerability
oval:org.mitre.oval:def:95856Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."vulnerability
oval:org.mitre.oval:def:95826Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.vulnerability
oval:org.mitre.oval:def:95656Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.vulnerability
oval:org.mitre.oval:def:95466Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.vulnerability
oval:org.mitre.oval:def:94866Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.vulnerability
oval:org.mitre.oval:def:91886Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."vulnerability
oval:org.mitre.oval:def:936Microsoft Office 2000 is installedinventory
oval:org.mitre.oval:def:5186Microsoft Project 2000 SR1 is installedinventory
oval:org.mitre.oval:def:91006Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.vulnerability
oval:org.mitre.oval:def:85406Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.vulnerability
oval:org.mitre.oval:def:83156DSA-1735 znc -- missing input sanitisationpatch
oval:org.mitre.oval:def:79466DSA-1571 openssl -- predictable random number generatorpatch
oval:org.mitre.oval:def:75906DSA-2033 ejabberd -- heap overflowpatch
oval:org.mitre.oval:def:75436Adobe Shockwave Player Buffer Overflow Vulnerabilityvulnerability
oval:org.mitre.oval:def:74776Adobe Shockwave Player 3D Parsing Remote Code Execution Vulnerabilityvulnerability
oval:org.mitre.oval:def:74166Adobe Shockwave Player PAMI Chunk Remote Code Execution Vulnerabilityvulnerability
oval:org.mitre.oval:def:71626IrfanView is installedinventory
oval:org.mitre.oval:def:73886Adobe Shockwave Player Infinite Loop Vulnerabilityvulnerability
oval:org.mitre.oval:def:73606Vulnerability in offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Softwarevulnerability
oval:org.mitre.oval:def:72736Adobe Shockwave Player 'DIRAPI.dll' Remote Code Execution Vulnerabilityvulnerability
oval:org.mitre.oval:def:72696Adobe Shockwave Player Memory Corruption Vulnerabilityvulnerability
oval:org.mitre.oval:def:72686Adobe Shockwave Player Director File Parsing Invalid Offset Remote Code Execution Vulnerabilityvulnerability
oval:org.mitre.oval:def:72626Adobe Shockwave Player 3D Object Parsing Memory Corruption Vulnerabilityvulnerability
oval:org.mitre.oval:def:65586Avast! AntiVirus for Windows is installedinventory
oval:org.mitre.oval:def:71846Adobe Shockwave Player DIR File Parsing Remote Code Execution Vulnerabilitiesvulnerability
oval:org.mitre.oval:def:71836Adobe Shockwave Player Memory Corruption Vulnerabilityvulnerability
Page 1 of 232 (9242 items)Предыдущая1234567230231232Следующая

company ALTEX-SOFT 2008-2019, © AO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.