Lucene search

7965 matches found

CVE
added 2007/03/12 11:0 p.m. | 67 views

CVE-2007-1419

CVE-2007-1419 affects Java Dynamic Management Kit 5.1, where the JMX RMI-IIOP Remote API does not properly enforce java.policy. This allows a local attacker with privileged remote authenticated access to obtain certain MBeans data. The issue is described as a local-privilege/data-access risk with a base...

CVSS 4.3 | AI score 5.8 | EPSS 0.00634
Exploits: 0 | References: 6 | Affected Software: 1
NVD
added 2007/03/10 12:19 a.m. | 19 views

CVE-2007-1382

The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode...

CVSS 6.8 | AI score 7.6 | EPSS 0.01613
Exploits: 0 | References: 1
seebug.org
added 2007/03/08 12:0 a.m. | 27 views

PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit

No description provided by source. ?php //PHP COM extensions inconsistent Win32 safemode bypass //by rgod $suntzu = new COM"WScript.Shell"; $suntzu-Run'c:windowssystem32cmd.exe /c '.escapeshellarg$GETcmd.' '.dirname$SERVERSCRIPTFILENAME.'/suntzoi.txt';...

AI score 7.1
Exploits: 0
0day.today
added 2007/03/07 12:0 a.m. | 14 views

PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit

Exploit for unknown platform in category local exploits ================================================================ PHP COM extensions inconsistent Win32 safemode Bypass Exploit ================================================================ Run'c:\windows\system32\cmd.exe /c...

AI score 6.8
Exploits: 0
Exploit DB
added 2007/03/07 12:0 a.m. | 31 views

PHP 'COM' Extensions - inconsistent Win32 'safe_mode' Bypass

Run'c:\windows\system32\cmd.exe /c '.escapeshellarg$GETcmd.' '.dirname$SERVERSCRIPTFILENAME.'/suntzoi.txt'; $suntzoi=file"suntzoi.txt"; for $i=0; $i milw0rm.com 2007-03-07...

AI score 7.4
Exploits: 0
Cvelist
added 2007/03/06 1:0 a.m. | 16 views

CVE-2006-7134

Unrestricted file upload vulnerability in mainuser.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

AI score 7.3 | EPSS 0.03412
Exploits: 0 | References: 4
RedHat Linux
added 2007/02/22 11:11 a.m. | 3 views

security flaw

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and 1...

CVSS 7.5 | AI score 6.3 | EPSS 0.10382
Exploits: 2 | References: 4
RedHat Linux
added 2007/02/21 12:42 p.m. | 4 views

security flaw

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and 1...

CVSS 7.5 | AI score 6.3 | EPSS 0.10382
Exploits: 2 | References: 4
Tenable Nessus
added 2007/02/18 12:0 a.m. | 9 views

MDKA-2006:032 : epiphany-extensions

Recently, epiphany was updated to work with the latest Mozilla Firefox however new epiphany-extensions packages were not available. This update provides updated epiphany-extensions for epiphany. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not...

AI score 7.3
Exploits: 0 | References: 1
Tenable Nessus
added 2007/02/18 12:0 a.m. | 17 views

SUSE-SA:2007:005: w3m

The remote host is missing the patch for the advisory SUSE-SA:2007:005 w3m. A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not...

CVSS 9.3 | AI score 7.6 | EPSS 0.04665
Exploits: 0
UbuntuCve
added 2007/02/13 11:28 a.m. | 20 views

CVE-2007-0896

Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712...

CVSS 4.3 | AI score 5.9 | EPSS 0.01878
Exploits: 0 | References: 1
Prion
added 2007/02/13 11:28 a.m. | 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712...

CVSS 4.3 | AI score 6 | EPSS 0.02071
Exploits: 1 | References: 8 | Affected Software: 1
CVE
added 2007/02/13 11:0 a.m. | 72 views

CVE-2007-0896

CVE-2007-0896 affects Sage before 1.3.10 and Sage++ extensions for Firefox. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script or HTML via a <SCRIPT/=''SRC=' sequence in an RSS feed. Supported sources classify the issue as active hist...

CVSS 4.3 | AI score 5.6 | EPSS 0.01878
Exploits: 0 | References: 8 | Affected Software: 2
Cvelist
added 2007/01/26 12:0 a.m. | 27 views

CVE-2007-0505

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue...

AI score 7.3 | EPSS 0.02812
Exploits: 0 | References: 6
Tenable Nessus
added 2006/12/18 12:0 a.m. | 17 views

Solaris 10 (x86) : 124209-01

SunOS 5.10x86: Trusted Extensions header. Date this patch was last updated by Sun : Dec/07/06 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

AI score 7
Exploits: 0 | References: 1
Tenable Nessus
added 2006/12/18 12:0 a.m. | 10 views

Solaris 10 (sparc) : 124208-01

SunOS 5.10: Trusted Extensions header file. Date this patch was last updated by Sun : Dec/11/06 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

AI score 7
Exploits: 0 | References: 1
Tenable Nessus
added 2006/12/18 12:0 a.m. | 46 views

Debian DSA-1237-1 : kernel-source-2.4.27 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4093 Olof Johansson reported a local DoS Denia...

CVSS 7.5 | AI score 5.8 | EPSS 0.04601
Exploits: 1 | References: 12
UbuntuCve
added 2006/12/15 7:28 p.m. | 20 views

CVE-2006-6585

The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated by the FFsniFF extension. NOTE: it was later...

CVSS 6.4 | AI score 5.9 | EPSS 0.00992
Exploits: 0 | References: 1
OSV
added 2006/12/15 7:28 p.m. | 2 views

DEBIAN-CVE-2006-6585

The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated by the FFsniFF extension. NOTE: it was later...

CVSS 6.4 | AI score 6.4 | EPSS 0.00992
Exploits: 0 | References: 1
OSV
added 2006/12/15 7:28 p.m. | 5 views

CVE-2006-6585

The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated by the FFsniFF extension. NOTE: it was later...

AI score 6.5
Exploits: 0 | References: 4