CVE-2008-4192

The pservershutdown function in fenceegenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit

No description provided by source. ----------------------------------------------------------------------------- Chilkat XML ActiveX Remote Arbitrary File Creation/Execution url: www.chilkatsoft.com File: ChilkatUtil.dll = 3.0.3.0 CLSID: 5022FAE8-B780-4B78-B8DC-1AF1145A4F42 ProgID:...

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (2)

source: https://www.securityfocus.com/bid/31069/info Microsoft Windows Image Acquisition Logger ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input. ...

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (1)

source: https://www.securityfocus.com/bid/31069/info Microsoft Windows Image Acquisition Logger ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input. ...

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (1)

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite 1 source: https://www.securityfocus.com/bid/31069/info Microsoft Windows Image Acquisition Logger ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controll...

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (2)

Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite 2 source: https://www.securityfocus.com/bid/31069/info Microsoft Windows Image Acquisition Logger ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controll...

Kyocera Mita Scanner File Utility 3.3.0.1 - File Transfer Directory Traversal

source: https://www.securityfocus.com/bid/30855/info Kyocera Mita Scanner File Utility is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to create and overwrite arbitrary files on the affected computer...

Flux CMS 'loadsave.php'任意文件覆盖漏洞

BUGTRAQ ID: 29618 CNCAN ID:CNCAN-2008061003 Flux CMS是一款内容管理程序。 Flux CMS 'loadsave.php'不正确验证用户输入，远程攻击者可以利用漏洞以WEB进程权限覆盖任意文件。 提交特殊构建的POST数据给'loadsave.php'脚本，可导致EB进程权限覆盖任意文件。 Flux CMS 1.5 目前没有解决方案提供： http://wiki.flux-cms.org/display/FLX/Home;jsessionid=D59E863574281A9BB6C951E073B3805C...

Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...

fluxcms-overwrite.txt

?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit

Exploit for unknown platform in category web applications ======================================================================== Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ======================================================================== ?php /...

Flux CMS 1.5.0 - &#039;loadsave.php&#039; Arbitrary File Overwrite

?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

CA Internet Security Suite - UmxEventCli.dll ActiveX Control Arbitrary File Overwrite

CA Internet Security Suite - UmxEventCli.dll ActiveX Control Arbitrary File Overwrite source: https://www.securityfocus.com/bid/29406/info A Computer Associates Internet Security Suite ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary,...

CA Internet Security Suite - &#039;UmxEventCli.dll&#039; ActiveX Control Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/29406/info A Computer Associates Internet Security Suite ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied inpu...

skk Arbitrary Code Execution Vulnerability

Overview skk Simple Kana to Kanji conversion software would create an insecure temporary file without taking proper security precautions. Impact An local attacker could overwrite arbitrary files. Solution Please refer to the 'Vendor Information' section for official remediation and take appropria...

Symantec Backup Exec for Windows Server ActiveX Control Multiple Vulnerabilities

Overview The PVATLCalendar.PVCalendar.1 pvcalendar.ocx ActiveX control, a scheduler component of the Media Server in Symantec Backup Exec for Windows Server BEWS, includes the insecure Save method that mishandles strings assigned to certain properties listed below, which can be exploited to cause...

IDAutomation多个条码ActiveX控件任意文件覆盖漏洞

BUGTRAQ ID: 29204 IDAutomation是美国一家专注于自动识别、条形码技术的公司，IDAutomation的产品包括条形码编辑、识别、打印、扫描功能的字体包、软件、控件产品等。 IDAutomation带的ActiveX控件实现上存在漏洞，远程攻击者可能利用此漏洞在用户系统上写入任意文件。 IDAutomation所提供的以下条码ActiveX控件： IDAuto.BarCode.1（IDAutomationLinear6.dll） IDAuto.Datamatrix.1（IDAutomationDMATRIX6.DLL）...

CVE-2008-2266

uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression...

WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit

No description provided by source. Multiple Insecure Methods in AppScan Watchfire Web Application Security v 7.0 Remote: Yes An arbitrary file overwrite has been discovered in an ActiveX control installed with the WatchFire Appscan v 7.0. by callAX - Fr33d0m Kn0wl3dg3 1s th3 r341 P0w3r HTML objec...

WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit

Exploit for unknown platform in category remote exploits =============================================================== WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit =============================================================== Multiple Insecure Methods in AppScan Watchfire W...