Design/Logic Flaw

Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of...

CVE-2011-5155

Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of...

CVE-2011-5152

Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local users to gain privileges via a Trojan horse 1 Wintab32.dll or 2 CV11-DialogEditor.dll file in the current working directory, as demonstrated by a directory that contains a .apd file. NOTE: the...

Design/Logic Flaw

Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file. NOTE: the provenance of this information i...

CVE-2011-5157

Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, a related issue to CVE-2011-0107. NOTE: some of these details are obtained from third party information...

Design/Logic Flaw

Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .plp file. NOTE: the provenance of this information is unknown; the details are...

Design/Logic Flaw

Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file. NOTE: some of these details are obtained from third party...

Design/Logic Flaw

Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local users to gain privileges via a Trojan horse objectassistenUS.dll file in the current working directory, as demonstrated by a directory that contains a .tds file. NOTE: the provenance of this...

CVE-2010-5205

Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse 1 javamsci.dll or 2 mscijava.dll file in the current working directory, as demonstrated by a directory that contains a .psw file. NOTE: some of these details are...

CVE-2010-5207

Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users to gain privileges via a Trojan horse 1 javamsci.dll or 2 mscijava.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .odg file. NOTE: so...

CVE-2010-5218

Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dhjb file. NOTE: some of these details are obtained from third party informatio...

Slackware 13.37 / current : mozilla-thunderbird (SSA:2012-244-03)

New mozilla-thunderbird packages are available for Slackware 13.37 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-244-03. The text itself is...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.37 and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: This release contains security fixes and improvements. For more information, see:...

AZL-37030 CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

[slackware-security] libpng

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/libpng-1.4.12-i486-1slack13.37.txz: Upgraded. Fixed incorrect...

PT-2012-3598

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Microsoft Visual Basic for Applications VBA Summit Microsoft Visual Basic for Applications SDK Description The issue allows local users to gain privileges via a Trojan...

Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : freetype (SSA:2012-176-01)

New freetype packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-176-01...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: This release contains security fixes and improvements. For more information, see:...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: This release contains security fixes and improvements. For more information, see:...

CVE-2012-1849

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...