6873 matches found
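McAfee Virtual Technician ActiveX Control 'Save()' Method File Overwrite Vulnerability
BUGTRAQ ID: 58750 CVECAN ID: CVE-2012-5879 McAfee Virtual Technician is an analysis and diagnostic tool. The ActiveX control in McAfee Virtual Technician 6.5.0.2101 and other versions has a security vulnerability that allows an attacker to overwrite or create arbitrary files in the context of the affected application. The vulnerability is in the "Save" method of "McHealthCheck.dll". 0 McAfee Virtual Technician 6.5.0.2101 Vendor patch: McAfee ------ The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...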
GlusterFS: insecure temporary file creation
Multiple insecure temporary file creation flaws were found in Red Hat Storage. A local user on the Red Hat Storage server could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack...
Samba < 2.0.10 Remote Arbitrary File Overwrite
Binary data 1338.prm...
AIX 7.1 TL 1 : bos.rte.odm (U848045)
The remote host is missing AIX PTF U848045, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
AIX 6.1 TL 6 : bos.rte.odm (U850143)
The remote host is missing AIX PTF U850143, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
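Pidgin 'libpurple' Arbitrary File Overwrite Vulnerability (CVE-2013-0271)
BUGTRAQ ID: 57952 CVECAN ID: CVE-2013-0271 Pidgin is an all-in-one integration tool for the world's mainstream instant messaging software. The MXit protocol plugin in libpurple in Pidgin versions before 2.10.7 has a security vulnerability that allows attackers to create or overwrite files via a specially crafted mxit or mxit/imagestrips pathname. 0 Pidgin 2.x Vendor patch: Pidgin ------ The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://www.pidgin.im/news/security/...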
Code injection
(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...
CVE-2013-0261
CVE-2013-0261 concerns PackStack/openstack-packstack. A local attacker can exploit a symlink attack during manifest creation to overwrite arbitrary files in /tmp, potentially affecting files the invoking user can access and, per Red Hat advisory, could lead to denial of service and manipulation o...
PT-2013-2196
Name of the Vulnerable Software and Affected Versions: PackStack (affected versions not specified) Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. This is due to vulnerabilities in two components: 1...
CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc.bmp, (2) /tmp/hpcupsfilterk.bmp, (3) /tmp/hpcupsjob.out, (4) /tmp/hpijs.out, or (5) /tmp/hppsjob.out temporary file, a different vulnerability than...
DEBIAN-CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc.bmp, (2) /tmp/hpcupsfilterk.bmp, (3) /tmp/hpcupsjob.out, (4) /tmp/hpijs.out, or (5) /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc.bmp, (2) /tmp/hpcupsfilterk.bmp, (3) /tmp/hpcupsjob.out, (4) /tmp/hpijs.out, or (5) /tmp/hppsjob.out temporary file, a different vulnerability than...
Design/Logic Flaw
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc.bmp, (2) /tmp/hpcupsfilterk.bmp, (3) /tmp/hpcupsjob.out, (4) /tmp/hpijs.out, or (5) /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0200
CVE-2013-0200 affects HP Linux Imaging and Printing (HPLIP) up to version 3.12.4. The vulnerability allows local attackers to overwrite arbitrary files via a symlink attack on temporary files such as /tmp/hpcupsfilterc_#.bmp, /tmp/hpcupsfilterk_#.bmp, /tmp/hpcups_job#.out, /tmp/hpijs_#####.out, o...
CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc.bmp, (2) /tmp/hpcupsfilterk.bmp, (3) /tmp/hpcupsjob.out, (4) /tmp/hpijs.out, or (5) /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0162
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...
CVE-2013-0162
Removed by vendor...
CVE-2013-0162
CVE-2013-0162 affects the ruby_parser gem 3.1.1 and earlier (diff_pp function in lib/gauntlet_rubyparser.rb), where temporary file handling in /tmp is insecure. This allows a local attacker to craft a symlink attack that can overwrite arbitrary files accessible to the Ruby process. The vulnerabil...
PT-2013-2141 · Ruby · Ruby Parser
Name of the Vulnerable Software and Affected Versions: ruby_parser gem versions 3.1.1 and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. This is due to the diff_pp function in lib/gauntlet...
rubygem-ruby_parser: incorrect temporary file usage
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...