CVE-2009-5115

McAfee Common Management Agent CMA 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object...

CVE-2009-5115

McAfee Common Management Agent CMA 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object...

CVE-2009-5115

CVE-2009-5115 affects McAfee CMA 3.5.5 (3.5.5.588) and 3.6.0 (3.6.0.608), and McAfee Agent 4.0 prior to Patch 3. An authenticated remote attacker could overwrite arbitrary files by accessing a report-writing ActiveX control COM object. Remediation: apply Patch 3 for McAfee Agent 4.0 (and correspo...

CVE-2012-3447

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

PYSEC-2012-21

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

PT-2012-4720 · Openstack · Openstack Compute

Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions 2012.1.x through 2012.1.1 OpenStack Compute Nova versions Folsom through Folsom-2 Description: The issue allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites

Exploit for php platform in category web applications Exploit Title: Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites Date: 12/08/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/babb/ Category:: Local File Disclosure + Arbitrary Delete + File Overwrite Google...

CentOS Update for sudo CESA-2012:1149 centos5

Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2012:1149 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2012-3440

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

DEBIAN-CVE-2012-2652

The bdrvopen function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file...

CVE-2012-3454

CVE-2012-3454 affects eXtplorer 2.1.0b6. The root cause is world-writable permissions on the /var/lib/extplorer/ftp_tmp directory, allowing local users to delete or overwrite arbitrary files. The available sources corroborate this description across NVD, Red Hat, Ubuntu, OSV, and CVE lists. The d...

CVE-2012-3449

CVE-2012-3449 affects Open vSwitch 1.4.2 where two directories under /var/lib/openvswitch/pki/ (controllerca/incoming/ and switchca/incoming/) have world-writable permissions. Local users can delete or overwrite arbitrary files due to these permissions, as documented in multiple advisories. The p...

[USN-1522-1] QEMU vulnerability

========================================================================== Ubuntu Security Notice USN-1522-1 August 02, 2012 qemu-kvm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Scientific Linux Security Update : spice-xpi on SL5.x,SL6.x i386/x86_64

An uninitialized pointer use flaw was found in the SPICE Firefox plug-in. If a user were tricked into visiting a malicious web page with Firefox while the SPICE plug-in was enabled, it could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefo...

Morovia Barcode File Overwrite

Exploit Title: Morovia Barcode ActiveX Professional 3 File Overwrite Exploit Date: July 24, 2012 Author: coolkaveh [email protected] Https://twitter.com/coolkaveh Vendor Homepage:http://www.morovia.com/component/barcode-activex/ Version: 3.8.0 Tested on: windows 7 awesome coolkaveh...

0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability

================ 0A29-12-2 : Metasploit 'pcaplog' plugin privilege escalation vulnerability Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Metasploit plugin 'pcaplog' is vulnerable to an arbitrary file...

CVE-2012-3361

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

Design/Logic Flaw

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

CVE-2012-3361

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

StudioLine Photo Basic NMSDVDXU.dll ActiveX EnableLog() Arbitrary File Overwrite

The remote host has a version of StudioLine Photo Basic less than or equal to 3.70.34.0 installed. Such versions are affected by an arbitrary file overwrite vulnerability in the EnableLog method on the NMSDVDXU.dll ActiveX control. By tricking a victim into opening a specially crafted web page, a...