Transmission任意文件覆盖漏洞

Bugraq ID: 37659 CVE ID：CVE-2010-0012 Transmission是一款nix下的BT下载软件。 Transmission在保存文件前应用程序不正确过滤"name"关键词，攻击者构建一个在"name"关键词中包含"../"目录遍历序列的.torrent文件，诱使用户打开，可覆盖本地系统中的任意文件。 Transmission Project Transmission 1.76 Transmission Project Transmission 1.50 Transmission Project Transmission 1.41 Transmission...

DEBIAN-CVE-2010-0012

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file...

Directory traversal

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file...

CVE-2010-0012

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file...

PT-2010-1838 · Transmission · Transmission

Name of the Vulnerable Software and Affected Versions: Transmission versions 1.22, 1.34, 1.75, and 1.76 Description: The issue allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file. This is due to a directory traversal vulnerability in...

DSA-1967-1 transmission - directory traversal

Bulletin has no description...

SAP GUI WebViewer3D ActiveX Control Arbitrary File Overwrite (CVE-2007-4475)

The SAP GUI is the GUI client in SAP's 3-tier architecture of database, application server and client. A vulnerability was reported in the SAP GUI. The vulnerability is caused due to a boundary error in the bundled EAI WebViewer3D ActiveX control webviewer3d.dll when processing arguments passed t...

Oracle Document Capture ActiveX — Insecure method, buffer overflow

Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vendor URL: Bugs: Insecure method. Buffer overflow. Exploits: YES Reported: 14.12.2009 Vendor response: 15.12.2009 Date of Public Advisory: 24.01.2011 CVE-number: CVE-2010-3599 Author: Alexandr Polyakov...

CVE-2009-2840

Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors...

GLSA-200911-01 : Horde: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200911-01 Horde: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Horde: Stefan Esser of Sektion1 reported an error within the form library when handling image form fields CVE-2009-3236. Martin Geisler and...

Horde: Multiple vulnerabilities

Background Horde is a web application framework written in PHP. Description Multiple vulnerabilities have been discovered in Horde: Stefan Esser of Sektion1 reported an error within the form library when handling image form fields CVE-2009-3236. Martin Geisler and David Wharton reported that an...

CVE-2009-1297

iscsidiscovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise SLE 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name...

EMC Captiva ISIS PixTools PDIControl.PDI.1控件任意文件覆盖漏洞

BUGTRAQ ID: 36566 EMC Captiva ISIS PixTools是一套软件开发包，包括扫描、查看和图形处理模块。 Captiva ISIS PixTools所提供的PDIControl.PDI.1 ActiveX控件（PDIControl.dll）没有正确地验证对SetLogFileName和WriteToLog方式所传送的参数。如果用户受骗访问了恶意网页并向上述方式传送了特制参数，就会导致在用户系统上创建或覆盖任意文件。 EMC Captiva ISIS PixTools 2.2 临时解决方法： 对clsid...

Geany .18 - Local File Overwrite

Geany .18 - Local File Overwrite !/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against...

Geany .18 Local File Overwrite

Exploit for unknown platform in category local exploits ============================== Geany .18 Local File Overwrite ============================== Title: Geany .18 Local File Overwrite CVE-ID: OSVDB-ID: Author: Jeremy Brown Published: 2009-10-06 Verified: yes view source print? !/bin/sh...

Geany 0.18 Local File Overwrite

!/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against symbolic links when writing the run...

Geany .18 Local File Overwrite

No description provided by source. !/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against...

Geany .18 - Local File Overwrite

!/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against symbolic links when writing the run...

Debian: Security Advisory (DSA-1897-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities

EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities source: https://www.securityfocus.com/bid/36566/info The EMC Captiva PixTools Distributed Imaging ActiveX control is prone to multiple insecure-method vulnerabilities that affect the...