Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Arbitrary File Overwrite

Added: 11/07/2011 BID: 50332 OSVDB: 76539 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring specialized computer-aid...

Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Arbitrary File Overwrite

Added: 11/07/2011 BID: 50332 OSVDB: 76539 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring specialized computer-aid...

Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Arbitrary File Overwrite

Added: 11/07/2011 BID: 50332 OSVDB: 76539 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring specialized computer-aid...

CVE-2011-3616

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf...

CVE-2011-3616

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf...

CVE-2011-3616

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf...

php: file path injection vulnerability in RFC1867 file upload filename

The rfc1867posthandler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url:...

Debian DSA-2323-1 : radvd - several vulnerabilities

Multiple security issues were discovered by Vasiliy Kulikov in radvd, an IPv6 Router Advertisement daemon : - CVE-2011-3602 setinterfacevar function doesn't check the interface name, which is chosen by an unprivileged user. This could lead to an arbitrary file overwrite if the attacker has local...

Design/Logic Flaw

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

CVE-2011-3869

CVE-2011-3869 affects Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x. A local user can overwrite arbitrary files via a symlink attack on the .k5login file. Impact: local privilege or file tampering risk. Remediation: upgrade to 2.7.5+ (or 2.6.11+), or newer 0.25.x line as indicated in...

Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files...

Oracle AutoVue 20.0.1 - AutoVueX.ocx ActiveX Control ExportEdaBom() Insecure Method

Oracle AutoVue 20.0.1 - AutoVueX.ocx ActiveX Control ExportEdaBom Insecure Method source: https://www.securityfocus.com/bid/50332/info Oracle AutoVue 'AutoVueX.ocx' ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to...

SuSE 10 Security Update : CUPS (ZYPP Patch Number 7774)

This update fixes the following security issues : - 601830: CSRF via admin web interface. CVE-2010-0540 - 680210: users in group 'lp' can overwrite arbitrary files. CVE-2010-2431 - 711490: heap overflow in gif decoder. CVE-2011-2896 - 715643: heap overflow in gif decoder CVE-2011-3170 This update...

D-Bus: Multiple vulnerabilities

Background D-Bus is a message bus system, a simple way for applications to talk to each other. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow for local Denial of Service daemon...

Wget: User-assisted file creation or overwrite

Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description It was discovered that Wget was unsafely trusting server-provided filenames. This allowed attackers to overwrite or create files on the user's system...

[USN-1223-1] Puppet vulnerabilities

========================================================================== Ubuntu Security Notice USN-1223-1 September 30, 2011 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

USN-1223-1: Puppet vulnerabilities

It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. CVE-2011-3869 Ricky Zhou discovered that Puppet did not drop privileges when creating SSH...

HP Easy Printer Care Software HPTicketMgr.dll Directory Traversal (CVE-2011-2404)

A code execution vulnerability has been reported in HP Easy Printer Care Software. The vulnerability is due to insufficient input validation by an ActiveX control within the affected product. A remote attacker may exploit this vulnerability by enticing an affected user to open a malicious link...