OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
ASLR Security Feature Bypass Vulnerability - MS13-063 oval:org.mitre.oval:def:18132 Vulnerability windows
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to exec... oval:org.mitre.oval:def:17474 Vulnerability windows
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a de... oval:org.mitre.oval:def:18201 Vulnerability windows
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater oval:org.mitre.oval:def:18871 Vulnerability windows
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to ... oval:org.mitre.oval:def:17678 Vulnerability windows
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated ... oval:org.mitre.oval:def:17722 Vulnerability windows
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater oval:org.mitre.oval:def:18930 Vulnerability windows
Buffer underflow when generating CRMF requests oval:org.mitre.oval:def:18935 Vulnerability windows
Bypass of XrayWrappers using XBL Scopes oval:org.mitre.oval:def:18830 Vulnerability windows
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which mig... oval:org.mitre.oval:def:18223 Vulnerability windows
Crash during WAV audio file decoding oval:org.mitre.oval:def:18803 Vulnerability windows
CRMF requests allow for code execution and XSS attacks oval:org.mitre.oval:def:18773 Vulnerability windows
Cross-site-scripting (XSS) vulnerability in Internet Explorer - CVE-2013-3192 MS13-059 oval:org.mitre.oval:def:17980 Vulnerability windows
directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authentica... oval:org.mitre.oval:def:18461 Vulnerability windows
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allow... oval:org.mitre.oval:def:17620 Vulnerability windows
Document URI misrepresentation and masquerading oval:org.mitre.oval:def:18531 Vulnerability windows
Elevation of privilege vulnerability in Internet Explorer - CVE-2013-3186 MS13-059 oval:org.mitre.oval:def:18031 Vulnerability windows
family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 v... oval:org.mitre.oval:def:18408 Vulnerability windows
Firefox full and stub installer DLL hijacking oval:org.mitre.oval:def:18210 Vulnerability windows
Further Privilege escalation through Mozilla Updater oval:org.mitre.oval:def:18014 Vulnerability windows
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application... oval:org.mitre.oval:def:17554 Vulnerability windows
gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a ... oval:org.mitre.oval:def:18324 Vulnerability windows
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nick... oval:org.mitre.oval:def:18230 Vulnerability windows
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which... oval:org.mitre.oval:def:18506 Vulnerability windows
libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (... oval:org.mitre.oval:def:18357 Vulnerability windows
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's bu... oval:org.mitre.oval:def:18261 Vulnerability windows
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated user... oval:org.mitre.oval:def:18402 Vulnerability windows
Local Java applets may read contents of local file system oval:org.mitre.oval:def:18367 Vulnerability windows
Memory corruption vulnerability in Internet Explorer - CVE-2013-3194 MS13-059 oval:org.mitre.oval:def:18267 Vulnerability windows
Memory corruption vulnerability in Internet Explorer - CVE-2013-3193 MS13-059 oval:org.mitre.oval:def:17996 Vulnerability windows
Total number of results : 90
Page : 1 (This Page) 2 3

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html