Design/Logic Flaw
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...
CVE-2011-2722
CVE-2011-2722 : In HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10, the send_data_to_stdout path in prnt/hpijs/hpcupsfax.cpp allows local users to overwrite arbitrary files via a symlink attack on /tmp/hpcupsfax.out. This yields a local, low–to–moderate impact with possible partial integ...
CVE-2012-2093
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function...
CVE-2012-2120
latex2man in texlive-extra-utils 2011.20120322, and possibly other versions or packages, when used with the H or T option, allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
Low: iproute
Issue Overview: iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. Affected Packages: iproute. Issue Correction: Run yum update iproute or yum update --advisory ALAS-2012-64 to update...
Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite
try obj.SaveToFile"c:\windows\win.ini"; catche try obj.SaveToFile"../../../../../../../../../../windows/win.ini"; catche...
Quest InTrust 10.4.x - ReportTree SimpleTree Classes
Quest InTrust 10.4.x - ReportTree SimpleTree Classes Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data from...
Quest InTrust 10.4.x ReportTree and SimpleTree Classes
Exploit for windows platform in category remote exploits Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data...
2X ApplicationServer TuxSystem ActiveX ExportSettings() Method Arbitrary File Overwrite
The install of the 2X ApplicationServer TuxSystem ActiveX control on the remote host reportedly could be abused to create or overwrite arbitrary files on the affected host using its 'ExportSettings' method. By tricking a user into opening a specially crafted web page, a remote, unauthenticated...
PYSEC-2012-31
libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat...
2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite
2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite 2X ApplicationServer 10.1 TuxSystem Class ActiveX Control TuxScripting.dll ExportSettings Remote File Overwrite Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer 8 vendor...
2X Application Server 10.1 File Overwrite
2X ApplicationServer 10.1 TuxSystem Class ActiveX Control TuxScripting.dll ExportSettings Remote File Overwrite Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer 8 vendor description: "2X Software is a global leader of desktop and application delivery, remote...
2X ApplicationServer 10.1 TuxSystem Class ActiveX Control File Overwrite
Exploit for windows platform in category remote exploits 2X ApplicationServer 10.1 TuxSystem Class ActiveX Control TuxScripting.dll ExportSettings Remote File Overwrite Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer 8 vendor description: "2X Software is a...
2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite
2X ApplicationServer 10.1 TuxSystem Class ActiveX Control TuxScripting.dll ExportSettings Remote File Overwrite Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer 8 vendor description: "2X Software is a global leader of desktop and application delivery, remote...
USN-1372-1: Puppet vulnerabilities
It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). (CVE-2012-1053) It was discovered that...
[USN-1351-1] AccountsService vulnerability
Ubuntu Security Notice USN-1351-1, January 31, 2012: accountsservice vulnerability. A security issue affects these releases of Ubuntu and its...
php: file path injection vulnerability in RFC1867 file upload filename
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...
Apache Struts 2 Multiple Remote Code Execution and File Overwrite Vulnerabilities (safe check) (deprecated)
This plugin has been deprecated due to relying on a timing-based check that is prone to false positives. A local plugin will be added that covers this CVE. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/11/18 due to timing-based false positives. Local plugin added to replace CVE...