OVALdb logo

Профессиональный OVAL репозиторий

Критерии поиска:  Версия: 6

Страница 1 из 258 (Всего элементов: 10311)Prev1234567256257258Next
OVALid 
Версия 
Название 
Класс 
Условие
Условие
Условие
xv
oval:org.mitre.oval:def:99286Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.уязвимость
oval:org.mitre.oval:def:99146Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.уязвимость
oval:org.mitre.oval:def:98986The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves.уязвимость
oval:org.mitre.oval:def:98476The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.уязвимость
oval:org.mitre.oval:def:98286Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.уязвимость
oval:org.mitre.oval:def:98136Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.уязвимость
oval:org.mitre.oval:def:9806NTLM Authentication BO in Squid Web Proxy Cacheуязвимость
oval:org.mitre.oval:def:97556Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.уязвимость
oval:org.mitre.oval:def:97316The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.уязвимость
oval:org.mitre.oval:def:97296Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."уязвимость
oval:org.mitre.oval:def:96936Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."уязвимость
oval:org.mitre.oval:def:96846Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.уязвимость
oval:org.mitre.oval:def:96726Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue."уязвимость
oval:org.mitre.oval:def:96216Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.уязвимость
oval:org.mitre.oval:def:95856Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."уязвимость
oval:org.mitre.oval:def:95826Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.уязвимость
oval:org.mitre.oval:def:95656Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.уязвимость
oval:org.mitre.oval:def:95466Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.уязвимость
oval:org.mitre.oval:def:94866Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.уязвимость
oval:org.mitre.oval:def:91886Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."уязвимость
oval:org.mitre.oval:def:936Microsoft Office 2000 is installedинвентарь
oval:org.mitre.oval:def:5186Microsoft Project 2000 SR1 is installedинвентарь
oval:org.mitre.oval:def:91006Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.уязвимость
oval:org.mitre.oval:def:85406Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.уязвимость
oval:org.mitre.oval:def:83156DSA-1735 znc -- missing input sanitisationобновление
oval:org.mitre.oval:def:79466DSA-1571 openssl -- predictable random number generatorобновление
oval:org.mitre.oval:def:75906DSA-2033 ejabberd -- heap overflowобновление
oval:org.mitre.oval:def:75436Adobe Shockwave Player Buffer Overflow Vulnerabilityуязвимость
oval:org.mitre.oval:def:74776Adobe Shockwave Player 3D Parsing Remote Code Execution Vulnerabilityуязвимость
oval:org.mitre.oval:def:74166Adobe Shockwave Player PAMI Chunk Remote Code Execution Vulnerabilityуязвимость
oval:org.mitre.oval:def:71626IrfanView is installedинвентарь
oval:org.mitre.oval:def:73886Adobe Shockwave Player Infinite Loop Vulnerabilityуязвимость
oval:org.mitre.oval:def:73606Vulnerability in offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Softwareуязвимость
oval:org.mitre.oval:def:72736Adobe Shockwave Player 'DIRAPI.dll' Remote Code Execution Vulnerabilityуязвимость
oval:org.mitre.oval:def:72696Adobe Shockwave Player Memory Corruption Vulnerabilityуязвимость
oval:org.mitre.oval:def:72686Adobe Shockwave Player Director File Parsing Invalid Offset Remote Code Execution Vulnerabilityуязвимость
oval:org.mitre.oval:def:72626Adobe Shockwave Player 3D Object Parsing Memory Corruption Vulnerabilityуязвимость
oval:org.mitre.oval:def:71846Adobe Shockwave Player DIR File Parsing Remote Code Execution Vulnerabilitiesуязвимость
oval:org.mitre.oval:def:71836Adobe Shockwave Player Memory Corruption Vulnerabilityуязвимость
oval:org.mitre.oval:def:71546Adobe Shockwave Player Memory Corruption Vulnerabilityуязвимость
Страница 1 из 258 (Всего элементов: 10311)Prev1234567256257258Next

компания АЛТЭКС-СОФТ 2008-2020, © АО АЛТЭКС-СОФТ , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.