The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted...
The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL. Date published : 2014-04-11 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL. Date published : 2014-04-11 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter. Date published : 2014-04-11 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode2 argument. Date published : 2014-04-11 http://www.securityfocus.com/bid/66732 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument. Date published : 2014-04-11 http://www.securityfocus.com/bid/66728 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument. Date published : 2014-04-11 http://www.securityfocus.com/bid/66725 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument. Date published : 2014-04-11 http://www.securityfocus.com/bid/66722 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter. Date published : 2014-04-11 http://www.securityfocus.com/bid/66718 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions. Date published : 2014-04-11 http://www.securityfocus.com/bid/66740 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain....
Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file. Date published : 2014-04-11 http://www.kb.cert.org/vuls/id/345337
The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix 31, and Web...
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly...