
778 matches found

NVD
added 2012/12/04 6:5 a.m. | 16 views

CVE-2012-5138

Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors...

10 CVSS | 6.1 AI score | 0.01497 EPSS
Exploits 0 | References 6
Prion
added 2012/12/04 6:5 a.m. | 20 views

Design/Logic Flaw

Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors...

10 CVSS | 6.8 AI score | 0.01497 EPSS
Exploits 0 | References 6 | Affected Software 2
Cvelist
added 2012/12/04 2:0 a.m. | 25 views

CVE-2012-5138

Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors...

6 AI score | 0.01497 EPSS
Exploits 0 | References 6
Debian CVE
added 2012/12/04 2:0 a.m. | 33 views

CVE-2012-5138

Removed by vendor...

10 CVSS | 9.4 AI score | 0.01497 EPSS
Exploits 0
OpenVAS
added 2012/12/04 12:0 a.m. | 22 views

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10 CVSS | 6.3 AI score | 0.02507 EPSS
Exploits 0 | References 2
Opera Security Advisories
added 2012/11/19 12:0 a.m. | 9 views

Error pages can be used to guess local file paths – Opera Security Advisories

Remote web pages should not be able to detect what files a user has on their local machine. Certain error pages do not apply this restriction correctly, allowing web pages to produce an error page where a script can run. The script can then use various events to detect whether files on the user’s...

5.8 AI score
Exploits 0 | References 1
Nmap
added 2012/03/08 5:51 p.m. | 114 views

versant-info NSE Script

Extracts information, including file paths, version and database names from a Versant object database. Example Usage nmap -p 5019 --script versant-info Script Output PORT STATE SERVICE REASON 5019/tcp open versant syn-ack | versant-info: | Hostname: WIN-S6HA7RJFAAR | Root path: C:\Versant\8 |...

10 CVSS | 9.4 AI score | 0.99448 EPSS
Exploits 33
Tenable Nessus
added 2012/02/02 12:0 a.m. | 22 views

Fedora 16 : BackupPC-3.2.1-7.fc16 (2012-0825)

change %%sharedstatedir to %%localstatedir/lib as these expand differently on EL bz 767719 - fix XSS vulnerability bz 749846, bz 749847, bz 749848 CVE-2011-3361 - additional documentation about enabling correct channels in RHEL to resolve all dependencies bz 749627 - fix bug with missing...

4.3 CVSS | 5.4 AI score | 0.02507 EPSS
Exploits 1 | References 6
myhack58
added 2011/10/04 12:0 a.m. | 17 views

winwebmail mention the right-vulnerability warning-the black bar safety net

Another collection below winwebmail default installation path, this is for if in Start—program there is no winwebmail shortcut. c:\winwebmail\web if you cannot browse to change to the d:\winwebmail\web\ In addition, if you can not find the path please use Registry to read the...

0.1 AI score
Exploits 0
Packet Storm
added 2011/03/23 12:0 a.m. | 20 views

VMCPlayer 1.0 Denial Of Service

done by BraniX www.hackers.org.pl found: 2011.03.22 published: 2011.03.22 tested on: Windows XP SP3 Home Edition App: VMCPlayer 1.0 App Url: http://files.videomobileconverter.com/vmcplayer.exe VMCPlayer.exe MD5: 8a98ffbb404731f8f5ffbf3eaf30a327 VMCPlayer can be DoS'ed in two or probably more ways...

7.4 AI score
Exploits 0
rdot
added 2010/12/10 12:0 a.m. | 11 views

PHP 5.3.4 released

ChangeLog The release of a new version would not be so notable were it not for the following line in the changelog: Quote: Paths with NULL in them foo\0bar.txt are now considered as invalid. Rasmus --- Apparently, path truncation with a null byte will now be a thing of the past. The fix, using the file function as an example: S...

0.6 AI score
Exploits 0
Opera Security Advisories
added 2010/06/29 12:0 a.m. | 7 views

File inputs can disclose the path to selected files – Opera Security Advisories

File inputs can disclose the path to selected files – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Less severe Description When a file is selected in a file upload input, the path to that file is not exposed through the input’s value property. This is done to protect any sensitiv...

5.7 AI score
Exploits 0 | References 1
OpenVAS
added 2010/06/25 12:0 a.m. | 27 views

Ubuntu: Security Advisory (USN-953-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8 CVSS | 6.4 AI score | 0.03681 EPSS
Exploits 1 | References 2
Tenable Nessus
added 2010/06/22 12:0 a.m. | 24 views

Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : fastjar vulnerability (USN-953-1)

Dan Rosenberg discovered that fastjar incorrectly handled file paths containing '..' when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted jar file, arbitrary files could be overwritten with user privileges. Note that Tenable Network Security ha...

5.8 CVSS | 5.4 AI score | 0.03681 EPSS
Exploits 1 | References 2
Ubuntu
added 2010/06/21 5:56 p.m. | 50 views

USN-953-1: fastjar vulnerability

Dan Rosenberg discovered that fastjar incorrectly handled file paths containing ".." when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted jar file, arbitrary files could be overwritten with user privileges...

5.8 CVSS | 5.4 AI score | 0.03681 EPSS
Exploits 1
Exploit DB
added 2010/06/08 12:0 a.m. | 27 views

Phreebooks 2.0 - Local File Inclusion

Advisory Name: Local File Inclusion in Phreebooks v2.0 Internal Cybsec Advisory Id: Vulnerability Class: Local File Inclusion Release Date: 2010-05-26 Affected Applications: Phreebooks v2.0 Affected Platforms: Any running Phreebooks v2.0 Local / Remote: Remote Severity: Medium – CVSS: 5...

7.4 AI score
Exploits 0
Tenable Nessus
added 2010/02/01 12:0 a.m. | 46 views

SAP BusinessObjects 'HappyAxis2.jsp' Information Disclosure

The SAP BusinessObjects installation on the remote web server is leaking information via '/BusinessProcessBI/axis2-web/HappyAxis.jsp'. This page contains debugging information such as local file paths, operating system version, and Java version. A remote attacker could use this information to mou...

5.5 AI score
Exploits 0 | References 2
OpenVAS
added 2009/06/05 12:0 a.m. | 21 views

Ubuntu: Security Advisory (USN-723-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.5 AI score | 0.1188 EPSS
Exploits 7 | References 2
Ubuntu
added 2009/02/18 6:59 p.m. | 62 views

USN-723-1: Git vulnerabilities

It was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-3546 It was discovered that t...

7.5 CVSS | 6 AI score | 0.1188 EPSS
Exploits 7
RedHat Linux
added 2008/07/02 12:48 p.m. | 3 views

Firefox javascript arbitrary code execution

The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attacker...

6.8 CVSS | 6.2 AI score | 0.03213 EPSS
Exploits 1 | References 4