Computer Security
[EN] securityvulns.ru no-pyccku


HP Performance Manager security vulnerabilities
updated since 02.04.2012
Published:24.06.2012
Source:
SecurityVulns ID:12297
Type:remote
Threat Level:
5/10
Description:DoS, code execution.
Affected:HP : HP Performance Manager 9.00
CVE:CVE-2012-0127 (Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.)
Original documentdocumentZDI, ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability (24.06.2012)
 documentHP, [security bulletin] HPSBMU02756 SSRT100596 rev.1 - HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) (02.04.2012)

HP DataDirect OpenAccess security vulnerabilities
updated since 17.06.2012
Published:24.06.2012
Source:
SecurityVulns ID:12429
Type:remote
Threat Level:
5/10
Description:Few buffer overflows on traffic parsing.
Affected:HP : HP Database Archiving Software 6.31
CVE:CVE-2011-4165 (Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263.)
 CVE-2011-4164 (Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214.)
 CVE-2011-4163 (Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213.)
Original documentdocumentZDI, ZDI-12-099 : DataDirect OpenAccess oaagent.exe GIOP Remote Code Execution Vulnerability (24.06.2012)
 documentZDI, ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability (17.06.2012)
 documentZDI, ZDI-12-088 : HP DataDirect OpenAccess GIOP Opcode 0x0E Remote Code Execution Vulnerability (17.06.2012)

RealNetworks Helix Server code execution
Published:24.06.2012
Source:
SecurityVulns ID:12434
Type:remote
Threat Level:
6/10
Description:Code execution during rn5auth authentication process.
Affected:REAL : Helix Server 14.2
CVE:CVE-2012-0942 (Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials.)
Original documentdocumentZDI, ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability (24.06.2012)

libxml off-by-one
Published:24.06.2012
Source:
SecurityVulns ID:12436
Type:library
Threat Level:
5/10
Affected:LIBXML : libxml 2.7
CVE:CVE-2011-3102 (Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2012:098 ] libxml2 (24.06.2012)

HP Data Protector Express multiple security vulnerabilities
updated since 19.03.2012
Published:24.06.2012
Source:
SecurityVulns ID:12261
Type:remote
Threat Level:
6/10
Description:DoS, code execution.
Affected:HP : Data Protector Express 5.0
 HP : Data Protector Express 6.0
CVE:CVE-2012-0124 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.)
 CVE-2012-0123 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498.)
 CVE-2012-0122 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393.)
 CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392.)
Original documentdocumentZDI, ZDI-12-097 : HP Data Protector Express Opcode 0x320 Parsing Remote Code Execution Vulnerability (24.06.2012)
 documentZDI, ZDI-12-096 : HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability (24.06.2012)
 documentHP, [security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code (19.03.2012)

AOL Deskbar ActiveX code exeuction
updated since 24.06.2012
Published:13.08.2012
Source:
SecurityVulns ID:12435
Type:client
Threat Level:
5/10
Description:AOL dnUpdater ActiveX uninitialized potiner.
Original documentdocumentrgod, AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution (13.08.2012)
 documentZDI, ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability (24.06.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod