98 matches found
CVE-2010-3373
paxtest handles temporary files insecurely...
CVE-2010-3373
paxtest handles temporary files insecurely...
CVE-2010-3373
paxtest handles temporary files insecurely...
CVE-2010-3373
paxtest handles temporary files insecurely...
CVE-2010-3373
Technical details for CVE-2010-3373 are not publicly available in the provided documents; multiple feeds list the issue as paxtest insecure temporary file handling, but no vendor/product/version specifics or fixes are disclosed. Monitor for updates.
CVE-2017-3373
CVE-2017-3373 affects Oracle E-Business Suite Oracle Advanced Outbound Telephony (User Interface) and its supported versions 12.1.1–12.2.6. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise Oracle Advanced Outbound Telephony; successful attacks can g...
CVE-2016-3373
creationtimestamp| type| source ---|---|--- 2016-09-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40430...
CVE-2016-3373
CVE-2016-3373 is a Windows kernel local elevation-of-privilege vulnerability. The Windows Kernel API improperly restricts access to registry information, enabling a locally authenticated attacker to obtain sensitive user account data via a crafted application. Affected products include Windows Vi...
Microsoft Windows Elevation of Privilege (MS16-111: CVE-2016-3373)
An elevation of privilege vulnerability exists in Microsoft Windows. A malicious user can bypass a security check in Windows to read and write registry hive files under a hidden registry hive which could enable an elevation of privilege. Successful exploitation could allow an attacker to run...
KLA11907 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of...
Debian DSA-3373-1 : owncloud - security update
Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more. These flaws may lead to the execution of arbitrary code, authorization bypass, information disclosure, cross-site scripting or denial of service. %NASLMINLEVEL...
Debian: Security Advisory (DSA-3373-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3373
CVE-2015-3373 affects the Drupal Amazon AWS contributed module prior to version 7.x-1.3. The vulnerability stems from generating an access token using the base URL and AWS access key, enabling remote attackers to guess the token value and trigger creation of backups via a crafted URL. Affected pr...
SA-CONTRIB-2015-030 - Amazon AWS - Access bypass
Amazon AWS module provides integration with Amazon Web Services AWS. A malicious user could potentially guess an access token and trigger the creation of new backups by making a request to a specially-crafted URL. If the number of stored backups was limited, an attacker could exceed the limit by...
Cisco Unified Communications Manager Multiple Reflected XSS
According to its self-reported version, the remote Cisco Unified Communications Manager CUCM device is affected by multiple reflected cross-site scripting vulnerabilities due to insufficient input validation of certain parameters passed via HTTP GET or POST methods. %NASLMINLEVEL 70300 C Tenable...
CVE-2014-3373
Cisco Unified Communications Manager (CUCM) Server’s CCM Dialed Number Analyzer interface is affected by multiple XSS vulnerabilities due to insufficient input validation of HTTP GET/POST parameters. Exploitation could allow remote attackers to inject arbitrary web script or HTML. The issue, trac...
CVE-2013-3373
CRLF injection vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header...
CVE-2013-3373
CVE-2013-3373: CRLF/header injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via a MIME header. Affected RT versions include 3.8.x (pre-3.8.17) and 4.0.x (pre-4.0...
Mozilla Firefox 3.5.4 - Local Color Map Exploit
This is a heap overflow exploit that leverages a local color map parsing bug in Firefox versions 3.5.4 and below, 3.0.15 and below, and SeaMonkey versions 2.0 and below. include include / x90c local color map 1day exploit CVE-2009-3373 Firefox local color map 1day exploit MFSA 2009-56 Firefox loc...
Request Tracker 3.8.x < 3.8.17 / 4.x < 4.0.13 Multiple Vulnerabilities
According to its self-reported version number, the Best Practical Solutions Request Tracker RT running on the remote web server is version 3.8.x prior to 3.8.17 or version 4.x prior to 4.0.13. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists that allows a...