Lucene search
K

1464 matches found

Symantec
Symantec
•added 2010/08/10 12:0 a.m.•14 views

Microsoft Internet Explorer 'boundElements' Use-After-Free Error Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8AI score
Exploits0Affected Software4
Packet Storm
Packet Storm
•added 2010/07/26 12:0 a.m.•36 views

Outlook ATTACH_BY_REF_RESOLVE File Execution

$Id: ms10045outlookrefresolve.rb 9925 2010-07-25 16:04:22Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.4AI score0.55278EPSS
Exploits11
Packet Storm
Packet Storm
•added 2010/07/26 12:0 a.m.•42 views

Outlook ATTACH_BY_REF_ONLY File Execution

$Id: ms10045outlookrefonly.rb 9926 2010-07-25 17:31:04Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.4AI score0.55278EPSS
Exploits11
Metasploit
Metasploit
•added 2010/07/25 4:0 p.m.•27 views

Outlook ATTACH_BY_REF_ONLY File Execution

It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double...

9.3CVSS7AI score0.55278EPSS
Exploits11
Metasploit
Metasploit
•added 2010/07/25 4:0 p.m.•37 views

Outlook ATTACH_BY_REF_RESOLVE File Execution

It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double...

9.3CVSS6.4AI score0.55278EPSS
Exploits11
securityvulns
securityvulns
•added 2010/07/15 12:0 a.m.•55 views

Outlook PR_ATTACH_METHOD file execution vulnerability

------------------------------------------------------------------------ Outlook PRATTACHMETHOD file execution vulnerability ------------------------------------------------------------------------ Yorick Koster, October 2009 -----------------------------------------------------------------------...

9.3CVSS6.7AI score0.55278EPSS
Exploits11
Tenable Nessus
Tenable Nessus
•added 2010/07/01 12:0 a.m.•25 views

Fedora 12 : xinha-0.96.1-1.fc12 (2010-9260)

Name: CVE-2010-1916 URL: https://vulners.com/cve/CVE-2009-1916 Assigned: 20100511 Reference: MISC: http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiw yg-editor-plugin-configuration-injection-vulnerability/index.html Reference: MISC:...

10CVSS5.7AI score0.10304EPSS
Exploits2References6
exploitpack
exploitpack
•added 2010/06/08 12:0 a.m.•11 views

Phreebooks 2.0 - Local File Inclusion

Phreebooks 2.0 - Local File Inclusion Advisory Name: Local File Inclusion in Phreebooks v2.0 Internal Cybsec Advisory Id: Vulnerability Class: Local File Inclusion Release Date: 2010-05-26 Affected Applications: Phreebooks v2.0 Affected Platforms: Any running Phreebooks v2.0 Local / Remote: Remot...

7.4AI score
Exploits0
CISA
CISA
•added 2010/04/13 12:0 a.m.•14 views

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR...

6.7AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
•added 2010/04/06 12:0 a.m.•7 views

Microsoft Windows Vista Windows Mail File Execution (MS07-034; CVE-2007-1658)

Microsoft Windows Mail product is an implementation of an email and newsgroup client capable of handling most standard Internet protocols as well as numerous proprietary Microsoft protocols and formats. It is the successor to Outlook Express and is included in recent versions of Microsoft Windows...

9.3CVSS6.3AI score0.35771EPSS
Exploits1
CERT
CERT
•added 2010/03/05 12:0 a.m.•46 views

Energizer DUO USB battery charger software allows unauthorized remote system access

Overview The software available for the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. Description Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been...

9.3CVSS6.5AI score0.27429EPSS
Exploits6References5
CVE
CVE
•added 2010/02/22 9:0 p.m.•52 views

CVE-2010-0680

CVE-2010-0680 – ZeusCMS 0.2: A directory traversal in index.php allows remote attackers to include and execute arbitrary local files via the page parameter. This can impact confidentiality, integrity, and availability (CVSS v2 base score 7.5). Affected product/version: ZeusCMS 0.2. Connected reco...

7.5CVSS7.4AI score0.02318EPSS
Exploits1References2Affected Software1
CVE
CVE
•added 2010/01/06 9:33 p.m.•81 views

CVE-2010-0157

CVE-2010-0157 is a Local File Inclusion (directory traversal) vulnerability in the Joomla! Bible Study component (com_biblestudy) version 6.1. An attacker can craft a .. in the controller parameter of studieslist to index.php to cause arbitrary local file inclusion, potentially enabling remote co...

7.5CVSS6AI score0.12969EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
•added 2009/12/28 6:27 p.m.•18 views

CVE-2009-4435

Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALSnlang parameter to 1 mod/poll.php and 2 mod/new.php...

7.3AI score0.02014EPSS
Exploits1References4
securityvulns
securityvulns
•added 2009/12/21 12:0 a.m.•51 views

[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored ============================================= I. VULNERABILITY...

0.8AI score
Exploits0
NVD
NVD
•added 2009/12/04 10:30 p.m.•24 views

CVE-2009-4211

The U.S. Defense Information Systems Agency DISA Security Readiness Review SRR script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to 1 java, 2 openssl, 3 php, 4 snort, 5 tshark, 6 vncserver, or 7 wireshark, which allows local users to gain...

9.3CVSS6.6AI score0.01691EPSS
Exploits1References4
Prion
Prion
•added 2009/12/04 10:30 p.m.•11 views

Code injection

The U.S. Defense Information Systems Agency DISA Security Readiness Review SRR script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to 1 java, 2 openssl, 3 php, 4 snort, 5 tshark, 6 vncserver, or 7 wireshark, which allows local users to gain...

9.3CVSS6.8AI score0.01691EPSS
Exploits1References4
Prion
Prion
•added 2009/12/04 7:30 p.m.•16 views

Directory traversal

Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. dot dot in the action parameter...

7.5CVSS7.6AI score0.02405EPSS
Exploits0References2
Prion
Prion
•added 2009/11/12 5:54 p.m.•25 views

Design/Logic Flaw

Incomplete blacklist vulnerability in browser/download/downloadexe.cc in Google Chrome before 3.0.195.32 allows remote attackers to force the download of certain dangerous files via a "Content-Disposition: attachment" designation, as demonstrated by 1 .mht and 2 .mhtml files, which are...

9.3CVSS6.6AI score0.02254EPSS
Exploits0References13Affected Software1
Prion
Prion
•added 2009/10/02 7:30 p.m.•9 views

Directory traversal

Directory traversal vulnerability in ls.php in LittleSite aka LS or LittleSite.php 0.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the file parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a U...

7.5CVSS7.6AI score0.02386EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder