5 matches found
Debian DSA-5303-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5303 advisory. Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For the stable...
Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions
The Mozilla Foundation Security Advisory describes this flaw as: A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code...
File Upload Vulnerability in Longcai MX of Longcai Technology Inc.
Longcai MX is a marketing website that caters to consumer needs and buying desires. A file upload vulnerability exists in Longcai MX, a subsidiary of Longcai Technology, due to the system's failure to strictly filter file contents. An attacker can upload arbitrary files and obtain administrator...
Java write file file name 0 0 truncation BUG that caused file upload vulnerability and fix-vulnerability warning-the black bar safety net
Java in the above two environments to write the files, because 0 0 is truncated and not correct for the new generated file name. For example, the user needs to username abc. jsp . jpg, but after 0 0 after truncation, the resulting file name becomes the abc. jsp , therefore we are in relation to t...
Script local/remote file inclusion/reading and file name truncation vulnerability FUZZ tool details-vulnerability warning-the black bar safety net
Script file include vulnerability can be said is endless, bitter in the market, there is no good comprehensive functions of the targeted open-source tools to do the reference, now the file contains several typical vulnerability for an example. To Plug-in source code and detailed description: This...