Secunia Research: Quicksilver Forums "mysqldump" Password Disclosure
Secunia Research 17/03/2010 - Quicksilver Forums "mysqldump" Password Disclosure - Table of Contents Affected...
Skype URI Handler Input Validation
Skype URI Handler Input Validation Versions affected: All versions prior to 4.2.0.1.55 v4.2 hotfix 1 Description: The Windows Skype client implements tw...
CVE-2010-0124
Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
Skype - URI Handler Input Validation
No description provided by source. Description The Windows Skype client implements two URI handlers, Skype: and Skype-Plugin. Both handlers allow for easy browser integration and are supported by all modern browsers. When a Skype link is clicked, the Skype.exe process is spawned with the /URI:...
[SECURITY] Fedora 13 Update: cups-1.4.2-34.fc13
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...
Skype URI Handler Input Validation
Skype URI Handler Input Validation Versions affected: All versions prior to 4.2.0.1.55 v4.2 hotfix 1 Description: The Windows...
Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments ...
Skype - URI Handler Input Validation
Skype - URI Handler Input Validation Description The Windows Skype client implements two URI handlers, Skype: and Skype-Plugin. Both handlers allow for easy browser integration and are supported by all modern browsers. When a Skype link is clicked, the Skype.exe process is spawned with the /URI:...
Skype - URI Handler Input Validation
Description The Windows Skype client implements two URI handlers, Skype: and Skype-Plugin. Both handlers allow for easy browser integration and are supported by all modern browsers. When a Skype link is clicked, the Skype.exe process is spawned with the /URI: command argument, followed by the use...
[SECURITY] Fedora 12 Update: wireshark-1.2.6-1.fc12
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
Immunity Canvas: IE_HELP
Name| iehelp
---|---
CVE| CVE-2010-0483
Exploit Pack| CANVAS
Description| iehelp
Notes| CVE Name: CVE-2010-0483 VENDOR: Microsoft Notes: Use from httpserver with name iehelp. Options are: message - Message of the MessageBox to be displayed to the user default: "Press F1 to stop this" Must not be...
systemtap: remote code execution via stap-server
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request...
Fedora 12 : cacti-0.8.7e-3.fc12 (2009-12560)
This fix contains several official patches from cacti: Command Line Add Graphs Syntax SNMP Invalid Responses Template Import/Export Duplication Cross-Site Scripting Fixes http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...
Bournal information leak
Command-line parameters, including the encryption key, are visible in the process list. Insecure temporary file creation...
mysql: mysql command line client XSS flaw
Cross-site scripting XSS vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be...
rar.exe at the mention of the right in the magical-vulnerability warning-the black bar safety net
3est rar.exe is? It is the famous winrar comes with a command line unzip program. At the mention of the right in the US is often to download a variety of sensitive files, such as: SU directory. You think about it, if the su catalog file so much, do you want one download is?? This obviously is very...
Cross site request forgery (csrf)
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request...
Command line under a new account method-vulnerability warning-the black bar safety net
Today research about the user control panel file nusrmgr.cpl, the discovery call is to the Shell.Users to add users, it also simultaneously calls the wscript.shell, Shell.Application, Shell.LocalMachine these three components. But added to the user while this one Shell.Users is sufficient. ...
Design/Logic Flaw
The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to...
[SECURITY] Fedora 11 Update: ImageMagick-6.5.1.2-2.fc11
ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...