Fedora 16 : ecryptfs-utils-90-1.fc16 (2011-10671)

privilege escalation via mountpoint race conditions CVE-2011-1831, CVE-2011-1832 - race condition when checking source during mount CVE-2011-1833 - mtab corruption via improper handling CVE-2011-1834 - key poisoning via insecure temp directory handling CVE-2011-1835 - information disclosure via...

Fedora 14 : ecryptfs-utils-90-1.fc14 (2011-10718)

privilege escalation via mountpoint race conditions CVE-2011-1831, CVE-2011-1832 - race condition when checking source during mount CVE-2011-1833 - mtab corruption via improper handling CVE-2011-1834 - key poisoning via insecure temp directory handling CVE-2011-1835 - information disclosure via...

Fedora 15 : ecryptfs-utils-90-1.fc15 (2011-10733)

privilege escalation via mountpoint race conditions CVE-2011-1831, CVE-2011-1832 - race condition when checking source during mount CVE-2011-1833 - mtab corruption via improper handling CVE-2011-1834 - key poisoning via insecure temp directory handling CVE-2011-1835 - information disclosure via...

ecryptfs-utils security update

82-6.3 - do not forget to set the group id in mount.ecryptfsprivate 82-6.2 - fix regression in ecryptfs-setup-private 82-6.1 - security fixes: - privilege escalation via mountpoint race conditions CVE-2011-1831, CVE-2011-1832 - race condition when checking source during mount CVE-2011-1833 - mtab...

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...

StudioLine Photo Basic 3.70.34.0 - NMSDVDXU.dll ActiveX Control Arbitrary File Overwrite

StudioLine Photo Basic 3.70.34.0 - NMSDVDXU.dll ActiveX Control Arbitrary File Overwrite source: https://www.securityfocus.com/bid/49192/info StudioLine Photo Basic ActiveX is prone to an arbitrary-file-overwrite vulnerability. Attackers can overwrite arbitrary files on the victim's computer in t...

StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/49192/info StudioLine Photo Basic ActiveX is prone to an arbitrary-file-overwrite vulnerability. Attackers can overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control typically Internet...

CVE-2011-1837

The lock-counter implementation in utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors...

CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-2185

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...

Design/Logic Flaw

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...

CVE-2011-2185

Fabric before 1.1.0 is vulnerable to a local-symlink attack that lets local users overwrite arbitrary files. The issue arises from symlinks pointing to files in /tmp (notably /tmp/fab.*.tar) or other top-level /tmp paths during Fabric operations, enabling modification of target files by an attack...

CVE-2011-2185

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...

Paltalk Messenger ActiveX Control Multiple Insecure Methods

Vulnerability ID: HTB23026 Reference: http://www.htbridge.ch/advisory/paltalkmessengeractivexcontrolmultipleinsecuremethods.html Product: Paltalk Messenger Vendor: Paltalk http://www.paltalk.com Vulnerable Version: 10.0 and probably prior Tested on: 10.0 Vendor Notification: 22 June 2011...

IDrive Online Backup ActiveX Control < 3.4.1 Arbitrary File Overwrite

The version of IDrive installed on the remote Windows host is earlier than 3.4.1 and includes a third-party ActiveX control named UniBasicPack.UniTextBox from CyberActiveX with an insecure method. Specifically, the 'SaveToFile' method can be abused to overwrite arbitrary files. Note that this...

Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile() Arbitrary File Overwrite

Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile Arbitrary File Overwrite source: https://www.securityfocus.com/bid/48582/info Pro Softnet IDrive Online Backup ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. A...

Pro Softnet IDrive Online Backup 3.4.0 - ActiveX &#039;SaveToFile()&#039; Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/48582/info Pro Softnet IDrive Online Backup ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. An attacker can exploit this issue to corrupt and overwrite arbitrary files on a...

Ashampoo 3D CAD Professional 3.0.1 Insecure Method

Vulnerability ID: HTB23019 Reference: http://www.htbridge.ch/advisory/ashampoo3dcadprofessional3activexcontrolinsecuremethod.html Product: Ashampoo 3D CAD Professional 3 Vendor: Ashampoo GmbH & Co http://www.ashampoo.com Vulnerable Version: 3.0.1 and probably prior Tested on: 3.0.1 Vendor...

CVE-2009-5080

The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...

CVE-2009-5079

The 1 gendef.sh, 2 doc/fixinfo.sh, and 3 contrib/gdiffmk/tests/runtests.in scripts in GNU troff aka groff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro.tmp or /tmp/ temporary file...