6871 matches found
Code injection
The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/runtests.in scripts in GNU troff (aka groff) 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file...
CVE-2009-5079
The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/runtests.in scripts in GNU troff (aka groff) 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file...
UBUNTU-CVE-2009-5080
The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...
CVE-2009-5081
CVE-2009-5081 affects GNU troff (Groff) up to and including 1.21. The vulnerability arises in the tempfile usage due to an insufficient number of X characters in the template argument, enabling a local attacker to overwrite arbitrary files via a symlink attack on a temporary file. Multiple source...
CVE-2009-5080
CVE-2009-5080 affects GNU troff (groff) 1.21 and earlier, due to improper handling of failed temporary-directory creation in the eqn2graph/grap2graph/pic2graph scripts, enabling local symlink attacks to overwrite files. Connected sources confirm the vulnerable components are eqn2graph/eqn2graph...
CVE-2009-5079
Vulnerability summary (CVE-2009-5079): In Groff (GNU troff) versions 1.21 and earlier, several scripts (gendef.sh, doc/fixinfo.sh, contrib/gdiffmk/tests/runtests.in) allow local users to overwrite arbitrary files via a symlink attack on groff temporary files (gro#####.tmp or /tmp/#####). T...
CVE-2009-5080
The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...
CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method
source: https://www.securityfocus.com/bid/48483/info CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application typically Internet...
CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file...
CVE-2009-5044
CVE-2009-5044 affects Groff (GNU Troff) via contrib/pdfmark/pdfroff.sh, where groff before 1.21 creates insecure temporary files (pdf#####.tmp) that can be exploited by a local user to overwrite arbitrary files through a symlink attack. Public sources in connected docs confirm this vulnerability ...
Kofax 2.5.0.933 File Overwrite
Vulnerability ID: HTB23016 Reference: http://www.htbridge.ch/advisory/kofaxetransactionssendersendboxactivexcontrolsavemessageinsecuremethod.html Product: Kofax e-Transactions Sender Sendbox Vendor: Kofax, Inc http://www.kofax.com/ Vulnerable Version: 2.5.0.933 and probably prior Tested on:...
StudioLine Photo Basic 3 ActiveX control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in StudioLine Photo Basic 3 ActiveX control, which can be exploited to overwrite arbitrary files. 1 Insecure method in StudioLine Photo Basic 3 ActiveX control The vulnerability is caused due to the NMSDVDX.DVDEngineX.1...
File overwrite vulnerability in Multi-Domain Management / Provider-1 script (CVE-2011-2664)
...
Quest Big Brother Remote File Overwrite
Added: 06/14/2011 BID: 47805 OSVDB: 72347 Background Quest Big Brother is a server monitoring package. Problem The 'bbntd.exe' service of the Big Brother server version 4.40 and prior does not properly sanitize user requests and may allow an attacker to upload files using a directory traversal...
CVE-2011-1595
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname...