6692 matches found

Check Point Advisories
added 2012/01/10 12:0 a.m., 1 view

Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009)

A remote code execution vulnerability has been reported in Microsoft Windows...

7.3 AI score, 0.53507 EPSS
Exploits: 4
Prion
added 2012/01/04 7:55 p.m., 7 views

Unrestricted file upload

Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for WordPress allow remote attackers to execute arbitrary code by uploading a file with an executable extension using (1) uploadify/uploadadminavatar.php or (2) uploadify/uploadprofileavatar.php, then accessi...

7.5 CVSS, 8.5 AI score, 0.04263 EPSS
Exploits: 0, References: 6, Affected Software: 1
Prion
added 2011/12/25 1:55 a.m., 13 views

Unrestricted file upload

Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory...

7.5 CVSS, 8.3 AI score, 0.06124 EPSS
Exploits: 0, References: 2, Affected Software: 2
CVE
added 2011/12/21 2:0 a.m., 67 views

CVE-2011-3666

Based on the connected documents, CVE-2011-3666 is tied to Mozilla Firefox and Thunderbird on Mac OS X, where a fix for CVE-2011-2372 was incorrectly applied, allowing a user-assisted bypass related to executable handling of .jar-like files via crafted web content. The Nessus/OpenSSH-related advis...

6.8 CVSS, 6.4 AI score, 0.0033 EPSS
Exploits: 0, References: 5, Affected Software: 2
Metasploit
added 2011/12/14 6:27 a.m., 38 views

Unix Command Shell, Bind TCP (via Ruby) IPv6

Continually listen for a connection and spawn a command shell via Ruby. This module requires Metasploit: https://metasploit.com/download (current source: https://github.com/rapid7/metasploit-framework). module MetasploitModule CachedSize = 142 include Msf::Payload::Single include...

0.2 AI score
Exploits: 0
NVD
added 2011/12/13 11:55 a.m., 8 views

CVE-2011-4266

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

9.3 CVSS, 6.3 AI score, 0.00357 EPSS
Exploits: 0, References: 3
Prion
added 2011/12/13 11:55 a.m., 17 views

Design/Logic Flaw

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

9.3 CVSS, 6.6 AI score, 0.00824 EPSS
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2011/12/13 11:0 a.m., 42 views

CVE-2011-4266

CVE-2011-4266 affects FFFTP prior to version 1.98d, via an untrusted search path that lets local users gain privileges using a Trojan horse executable in the same directory read to load an extensionless file (demonstrated with README.exe). The vulnerability is rooted in unsafe loading of executab...

9.3 CVSS, 6.4 AI score, 0.00357 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2011/12/13 11:0 a.m., 13 views

CVE-2011-4266

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

6.2 AI score, 0.00357 EPSS
Exploits: 0, References: 3
Japan Vulnerability Notes
added 2011/12/09 8:8 a.m., 2 views

FFFTP may insecurely load executable files

Overview: FFFTP may use unsafe methods for determining how to load executables (.exe). FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Fumihiko Sano reported this vulnerability to IPA. JPCERT/CC...

9.3 CVSS, 7.5 AI score, 0.00357 EPSS
Exploits: 0, References: 6
Japan Vulnerability Notes
added 2011/12/09 12:0 a.m., 23 views

JVN#94002296: FFFTP may insecurely load executable files

FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact: An attacker may execute arbitrary code with the privilege of the running application. Solution: Update the software. Update to the latest versio...

9.3 CVSS, 7.2 AI score, 0.00357 EPSS
Exploits: 0
rdot
added 2011/11/26 12:0 a.m., 30 views

Trojanizing ELFs

Task: Insert into an ELF file the ability to run arbitrary commands when a password is supplied. The size and functionality of the original ELF file remain unchanged. Part 1. Trojanizing /bin/su from BackTrack 5 R1 x86 (VMware image BT5R1-GNOME-VM-32.7z). 1. ELF and its anatomy in the context of the used...

7.2 AI score
Exploits: 0
CERT
added 2011/11/08 12:0 a.m., 21 views

eEye Retina audit script could execute untrusted programs as root

Overview: eEye Retina audit scripts have the capability to run remote shell scripts in order to determine vulnerable applications. One audit script in particular (audit ID 2499) uses find(1) and execute (-exec) when assessing a vulnerability within Gauntlet Firewall. An attacker who can write an...

6.9 CVSS, 7.2 AI score, 0.00157 EPSS
Exploits: 1, References: 3
ThreatPost
added 2011/10/28 2:7 p.m., 5 views

Facebook Flaw Allows Users to Send Executables

A security researcher has discovered a vulnerability in Facebook’s messaging system that could allow an attacker to send executable attachments to anyone on the popular social network. The vulnerability is such that an attacker doesn’t necessarily need to be friends with the person to whom he sen...

1.6 AI score
Exploits: 0, References: 3
Japan Vulnerability Notes
added 2011/10/28 8:39 a.m., 1 view

FFFTP may insecurely load executable files

Overview: FFFTP may use unsafe methods for determining how to load executables (.exe). FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC...

9.3 CVSS, 7.5 AI score, 0.00824 EPSS
Exploits: 0, References: 6
The Hacker News
added 2011/10/28 6:56 a.m., 2 views

Facebook EXE attachment Vulnerability can Compromise with Users Security

Nathan Power from SecurityPentest has discovered a new Facebook vulnerability that makes it easy to attach EXE files to messages, possibly causing user credentials to be compromised. When using the Facebook 'Messages' tab, there is a...

7.4 AI score
Exploits: 0
NVD
added 2011/10/14 10:55 a.m., 14 views

CVE-2011-0185

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file...

4.4 CVSS, 7.7 AI score, 0.00059 EPSS
Exploits: 0, References: 4
Prion
added 2011/10/14 10:55 a.m., 17 views

Format string

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file...

4.4 CVSS, 6.3 AI score, 0.00059 EPSS
Exploits: 0, References: 4, Affected Software: 2
Tenable Nessus
added 2011/10/14 12:0 a.m., 9 views

FreeBSD : ChiTeX/ChiLaTeX unsafe set-user-id root (49ad1bf8-5d7e-11d8-80e3-0020ed76ef5a)

Niels Heinen reports that ChiTeX installs set-user-id root executables that invoked system(3) without setting up the environment, trivially allowing local root compromise. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

5.3 AI score
Exploits: 0, References: 2
OSV
added 2011/10/07 10:55 a.m., 5 views

CVE-2010-4879

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the inputfile parameter...

7.3 AI score
Exploits: 0, References: 1