
6873 matches found

0day.today
added 2012/10/24 12:0 a.m. | 37 views

WordPress GRAND Flash Album Gallery SQL Injection / Disclosure / File Overwrite

WordPress GRAND Flash Album Gallery plugin versions 1.9.0 and 2.0.0 suffer from file disclosure, file overwrite, directory traversal, and remote SQL injection vulnerabilities. Multiple Vulnerabilities in WordPress GRAND Flash Album Gallery Plugin...

8.2 AI score
Exploits: 0
Gentoo Linux
added 2012/10/20 12:0 a.m. | 28 views

Bash: Multiple vulnerabilities

Background: Bash is the standard GNU Bourne Again SHell. Description: Two vulnerabilities have been found in Bash: Bash example scripts do not handle temporary files securely (CVE-2008-5374). Improper bounds checking in Bash could cause a stack-based buffer overflow (CVE-2012-3410). Impact: A remote...

6.9 CVSS | 9.2 AI score | 0.00413 EPSS
Exploits: 0
Check Point Advisories
added 2012/10/14 12:0 a.m. | 0 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

A directory traversal and file overwrite vulnerability has been reported in the HP Application Lifecycle Management ActiveX control...

6.9 AI score
Exploits: 0
NVD
added 2012/10/10 6:55 p.m. | 11 views

CVE-2012-5355

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

3.3 CVSS | 6.3 AI score | 0.00307 EPSS
Exploits: 0 | References: 5
UbuntuCve
added 2012/10/10 6:55 p.m. | 18 views

CVE-2012-5355

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

3.3 CVSS | 5.9 AI score | 0.00307 EPSS
Exploits: 0 | References: 5
Saint
added 2012/10/09 12:0 a.m. | 28 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012. BID: 55272. OSVDB: 85059. Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

0.1 AI score
Exploits: 0
Saint
added 2012/10/09 12:0 a.m. | 36 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012. BID: 55272. OSVDB: 85059. Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6 AI score
Exploits: 0
Saint
added 2012/10/09 12:0 a.m. | 41 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012. BID: 55272. OSVDB: 85059. Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

0.1 AI score
Exploits: 0
Saint
added 2012/10/09 12:0 a.m. | 23 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012. BID: 55272. OSVDB: 85059. Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6 AI score
Exploits: 0
NVD
added 2012/10/07 9:55 p.m. | 13 views

CVE-2011-4363

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS...

2.6 CVSS | 5.9 AI score | 0.00303 EPSS
Exploits: 0 | References: 8
OSV
added 2012/10/07 9:55 p.m. | 1 views

UBUNTU-CVE-2011-4363

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS...

2.6 CVSS | 5.9 AI score | 0.00303 EPSS
Exploits: 0 | References: 2
OSV
added 2012/10/07 9:55 p.m. | 6 views

CVE-2011-4363

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS...

2.6 CVSS | 5.9 AI score | 0.00303 EPSS
Exploits: 0 | References: 8
CVE
added 2012/10/07 9:0 p.m. | 57 views

CVE-2011-4363

CVE-2011-4363 affects Perl’s Proc::ProcessTable (ProcessTable.pm) v0.45 where TTY information caching enables a local symlink attack on /tmp/TTYDEVS, allowing local users to overwrite arbitrary files. Public advisories from Mageia (MGASA-2013-0254), Mandriva (MDVSA-2013:216), and Fedora (FEDORA-2...

2.6 CVSS | 5.9 AI score | 0.00303 EPSS
Exploits: 0 | References: 8 | Affected Software: 1
CVE
added 2012/10/05 9:0 p.m. | 44 views

CVE-2012-5303

Monkey HTTP Daemon 0.9.3 is vulnerable to a local file overwrite via a symlink attack on its PID file. The issue is a race condition that can occur when a pathname different from the default /var/run/monkey.pid is used, allowing local users to trick the daemon into overwriting arbitrary files. Im...

6.9 CVSS | 6.6 AI score | 0.00319 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Tenable Nessus
added 2012/09/06 12:0 a.m. | 23 views

Mandrake Linux Security Advisory : mgetty (MDKSA-2000:042)

There is a problem in the mgetty package, which contains a number of tools for sending and receiving faxes. The faxrunq tool uses a marker file in the /tmp directory, which is world-writable, in an insecure fashion. This problem, if exploited, allows malicious users to overwrite files on the syst...

5.4 AI score
Exploits: 0
UbuntuCve
added 2012/08/31 9:55 p.m. | 25 views

CVE-2011-5146

Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot...

2.6 CVSS | 5.9 AI score | 0.00312 EPSS
Exploits: 0 | References: 4
Cvelist
added 2012/08/31 9:0 p.m. | 20 views

CVE-2011-5146

Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot...

6.4 AI score | 0.00312 EPSS
Exploits: 0 | References: 5
CVE
added 2012/08/31 9:0 p.m. | 34 views

CVE-2011-5146

CVE-2011-5146 affects Bokken before 1.6 and 1.5-x before 1.5-3 for Debian. The root cause is a symlink attack on /tmp/graph.dot, allowing local users to overwrite arbitrary files. Impact described as local user access with potential file overwrite; no exploitation details or patches are provided ...

2.6 CVSS | 6.6 AI score | 0.00312 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
ATTACKERKB
added 2012/08/30 10:55 p.m. | 3 views

CVE-2011-5136

showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter...

6.4 CVSS | 5.8 AI score | 0.01589 EPSS
Exploits: 1 | References: 5
CVE
added 2012/08/30 10:0 p.m. | 41 views

CVE-2011-5136

The CVE affects showImg.php in EPractize Labs Subscription Manager (likely version 1.0). A remote attacker can overwrite arbitrary files via the db parameter, indicating a file-write risk due to unsafely handled input. The publicly available description confirms impact as arbitrary file overwrite...

6.4 CVSS | 7.1 AI score | 0.01589 EPSS
Exploits: 1 | References: 4 | Affected Software: 1