CA BrightStor ARCServe Backup LGServer Arbitrary File Upload (CVE-2007-5005; CVE-2008-1329)

Computer Associates BrightStor ARCserve Backup for Laptops and Desktops provides backup and data recovery for remote, mobile and desktop computers. In general, a backup system is comprised of a server and multiple clients, also known as agents. The server establishes, organizes, and controls all ...

Proland Software Protector Plus antivirus weak permissions

Executable files have Everyone:Full Control permissions...

CVE-2008-6996

Google Chrome BETA 0.2.149.27 does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service disk consumption or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask...

Code injection

Google Chrome BETA 0.2.149.27 does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service disk consumption or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask...

HP Network Node Manager remote console weak files permissions

Weak permissions for C:Program FilesHP OpenView allows executable files and system service file spoofing...

CVE-2008-6996

CVE-2008-6996 affects Google Chrome BETA 0.2.149.27. The vulnerability is that Chrome does not prompt the user before saving an executable file, potentially enabling a remote attacker or malware to cause disk-based DoS or exploit other vulnerabilities via a URL referencing an executable (possibly...

CVE-2008-6996

Removed by vendor...

EPSON Status Monitor 3 local privilege escalation vulnerability

------- EPSON Status Monitor 3 local privilege escalation vulnerability -------- by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ -------------------------------------------------------------------------------- After that pyrokinesis found:...

EPSON Status Monitor 3 Local Privilege Escalation Vulnerability

Exploit for unknown platform in category local exploits =============================================================== EPSON Status Monitor 3 Local Privilege Escalation Vulnerability =============================================================== ------- EPSON Status Monitor 3 local privilege...

CVE-2009-2265

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...

CVE-2009-2265

Removed by vendor...

Windows 7 retains Windows Explorer security risk

From InformationWeek Thomas Claburn Windows 7 RC is now available, but Microsoft’s new operating system could use a bit more tinkering to improve security. Specifically, Windows Explorer provides a way to hide a file’s extension. Virus writers use this feature to disguise executable files as...

Hacking tricks of a few over-active Defense method-vulnerability warning-the black bar safety net

Generally the Trojan is added from the start is antivirus software active defense, or 3 6 0 intercept,a few days ago in an online found several registry since the start of the method,the effect is also good,can be considered currently active Defense of a large Dead Space,even of micro-point turne...

CVE-2008-5002

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

Google Chrome Automatic File Download

Google's Chrome BETA allows files e.g. executable files to be automatically downloaded to the user's computer without any user prompt. To check the flaw, open a URL that points to an executable file. nerex...

Novell ZENworks Endpoint Security Management security client privilege escalation

Application launch with SYSTEM privileges by relative path, temporary executable files creatin in user-controlled directory...

CVE-2002-2401

NT Virtual DOS Machine NTVDM.EXE in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs...

CVE-2002-2401

NTVDM.EXE in Windows 2000/NT/XP fails to verify user execution permissions for 16‑bit executables, allowing local users to bypass the loader and run arbitrary programs. Root cause: missing permission verification on 16‑bit file execution. Mitigation/remediation details are not provided in the con...

Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

VISIT ORIGINAL ADVISORY FOR MORE DETAILS http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-upload-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/ ——-Summary—— Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote...

Checkpoint ZoneAlarm multiple privilege escalations

Vsdatant.sys driver multiple IOCTLs buffer overflows. Weak permissions for executable files...