620 matches found
DSX Raritan Console Servers weak permissions
Executable files are writable by unprivileged users...
SilverCity: Insecure file permissions
Background SilverCity provides lexical analysis for over 20 programming and markup languages. Description The SilverCity package installs three executable files with insecure permissions. Impact A local attacker could modify the executable files, causing arbitrary code to be executed with the...
CVE-2005-0230
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...
PT-2005-2067 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.x Description: The issue concerns a file upload script, specifically the mod for phpBB, which fails to properly restrict the types of files that can be uploaded. This allows remote authenticated users to execute arbitrary...
Mozilla Firefox weak permissions
Weak permissions for executable files...
Insecure file permissions in the Firefox browser for Linux >= v0.9
after installing firefox many of the permissions are set to 777, allowing anyone on the system to change the contents of the executable files. this first occured in the 0.9 release in the tar.gz release as well as in the installer. the problem or is it called a feature now? still exists in the...
Gadu-Gadu 6.0 - File Download Filename Obfuscation
Gadu-Gadu 6.0 - File Download Filename Obfuscation source: https://www.securityfocus.com/bid/11017/info Gadu-Gadu is a Polish instant messaging application for Microsoft Windows operating systems. It is reported that the Gadu-Gadu instant messenger application contains a weakness allowing attacke...
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass
Symantec Norton AntiVirus 2002 - Nested File Manual Scan Bypass source: https://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit...
Caché weak permissions
Weak permissions for executable files and directories...
PT-2002-2566 · Microsoft · Windows Media Player
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player WMP version 6.3 Description: The issue allows local users to gain privileges by deleting or modifying executables due to world-writable permissions. Recommendations: For Microsoft Windows Media Player WMP versio...
CVE-2002-1139
The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target...
Qualcomm Eudora 5/6 - File Attachment Spoofing (2)
source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious content, and in avoiding generating...
Qualcomm Eudora 56 - File Attachment Spoofing (1)
Qualcomm Eudora 56 - File Attachment Spoofing 1 source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing...
REFRESH: EUDORA MAIL 5.1.1
Tuesday, July 23, 2002 Trivial silent delivery and installation of an executable on a target computer. This can be accomplished with the default installation of the mail client Eudora 5.1.1: 'allow executables in HTML content' DISABLED 'use Microsoft viewer' ENABLED The manufacturer...
Проблемы в TrendMicro InterScan VirusWall (shared folder permissons)
При установке создается разделяемая папка, содержащая исполняемые файлы доступная всем пользователям на запись/изменение...
Дырка в Apache-ssl из Trustix
Из-за ошибки в скрипте инсталляции часть исполняемых файлов устанавливается открытыми на запись...
Дырка в FlagShip
несколько исполняемых файлов открыто на запись...
Дырка в VariCAD 7.0
несколько исполняемых файлов открыты на запись...
Проблемы с OpenLDAP
исполняемые файлы устанавливаются с разрешениями позволяющие запись для группы...
Проблема с Eudora
Eudora считает исполняемыми только файлы с расширением .exe, .com и .bat, что позволяет прислать пользователю исполняемый файл, который будет запущен без предупреждения...