6876 matches found
AIX 6.1 TL 7 : bos.rte.odm (U865807)
The remote host is missing AIX PTF U865807, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to a libodm.a bug. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
PHP 5.5.x < 5.5.16 Multiple Vulnerabilities
According to its banner, the remote web server is running a version of PHP 5.5.x prior to 5.5.16. It is, therefore, affected by the following vulnerabilities: - LibGD contains a NULL pointer dereference flaw in its 'gdImageCreateFromXpm' function in the 'gdxpm.c' file. By using a specially craft...
AIX 7.1 TL 2 : bos.rte.odm (U865302)
The remote host is missing AIX PTF U865302, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to a libodm.a bug. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
vm-support 0.88 File Overwrite / Information Disclosure
Author: dolevf. Date: 18.6.2014. Version: vm-support latest version 0.88. Tested on: Red Hat Enterprise Linux 6. Relevant CVEs: 2014-4199, 2014-4200. 1. About the application: VMware support is a tool designed to collect diagnostic information such as logs, configuration files...
CVE-2014-5120
CVE-2014-5120 affects the PHP GD extension. gd_ctx.c does not ensure that pathnames lack a NUL (%00) sequence, enabling remote attackers to overwrite arbitrary files via crafted input when calling the imagegd, imagegd2, imagegif, imagejpeg, imagepng, imagewbmp, or imagewebp functions. Affected ve...
CVE-2014-2524
The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...
CVE-2014-5260
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/xml temporary file...
Design/Logic Flaw
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/xml temporary file...
XML Sitemap Generator 3.2.8 - XML File Overwrite Arbitrary Code Execution
The google-xml-sitemaps-generator WordPress plugin was affected by an XML File Overwrite Arbitrary Code Execution security vulnerability...
PowerPoint Viewer OCX 3.1 - Remote File Overwrite Exploit
No description provided by source. PowerPoint Viewer OCX v3.1. By Mountassif Moad a.k.a Stack...
Pegasus Imaging ImagXpress 8.0 - Remote Arbitrary File Overwrite
No description provided by source. Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite. url:...
Lionmax Software WWW File Share Pro 2.4x Multiple Vulnerabilities (1)
No description provided by source. source: http://www.securityfocus.com/bid/9425/info WWW File Share Pro has been reported prone to multiple remote vulnerabilities. The first reported issue is that a remote attacker may employ the upload functionality of the vulnerable software to overwrite...
HP-UX 10.20/11.0 man /tmp symlink Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...
Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20120104-0. title: Multiple critical vulnerabilities in Apache Struts2; product: Apache Struts2, OpenSymphony XWork, OpenSymphony OGNL; vulnerable...
Junsoft JSparm 4.0 Logging Output File Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2515/info JSparm is the Junsoft Performance Analysis Report Maker package. This software package provides an enhanced perfmon performance monitoring package and interface, as well as a performance report generation...
MagicISO 5.0 build 0166 - Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17725/info Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. A successful attack can allow the attacker to place...
KDE KTVision 0.1 File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2913/info KTVision works with frame-grabber cards and KDE (Unix K Desktop Environment) to support TV video display on the PC screen. KTVision is vulnerable to symbolic link attacks. It is possible for an attacker to...
SGI IRIX 6.5.22 GR_OSView Local Arbitrary File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13058/info A local file overwrite vulnerability affects SGI IRIX. This issue is due to a failure of the affected utility to drop privileges prior to carrying out critical functionality. An attacker may leverage this issue...