6871 matches found
CVE-2009-1253
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file...
CVE-2009-1212
PrecisionID Data Matrix ActiveX control (DMATRIXLib.Datamatrix) contains insecure input validation in SaveBarCode and SaveEnhWMF, enabling remote arbitrary file writes. Affected component: PRECIS~2.DLL within PrecisionID Data Matrix ActiveX. Impact: potential overwrite of arbitrary files on the h...
CVE-2009-1207
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv01 through snv111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files...
CVE-2009-1215
CVE-2009-1215 concerns GNU screen. The connected docs confirm a race condition in GNU screen 4.0.3 that allows a local user to create or overwrite arbitrary files via a symlink attack on /tmp/screen-exchange. Impact is local privilege-related file manipulation (no remote vector stated in the sour...
PrecisionID ActiveX unsafe methods
Unsafe SaveBarCode and SaveEnhWMF methods allow file overwriting...
PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite
PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite Digital Security Research Group DSecRG Advisory DSECRG-09-030 !!! original advisory !!! http://dsecrg.com/pages/vul/DSECRG-09-030.html Application: PrecisionID activeX controls Versions Affected: Vendor URL: http://PrecisionID.com Bugs:...
Gentoo Security Advisory GLSA 200903-39 (pam_krb5)
The remote host is missing updates announced in advisory GLSA 200903-39.
Design/Logic Flaw
Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method...
Expert PDF EditorX ActiveX File Overwrite Vulnerability
This host is installed with Expert PDF EditorX and is prone to an ActiveX file overwrite vulnerability. OpenVAS Vulnerability Test $Id: secpodexpertpdfeditorxactivexvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Expert PDF EditorX ActiveX File Overwrite Vulnerability Authors: Sujit Ghosal Copyright:...
KLA10286 WLF vulnerability in Orbit Downloader
An argument injection vulnerability was found in Orbit Downloader. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited remotely via a specially designed method call. Original advisories - Exploitation Public exploits exist for this...
Expert PDF EditorX ActiveX File Overwrite Vulnerability
Expert PDF EditorX is prone to an ActiveX file overwrite vulnerability.
CVE-2009-1064
CVE-2009-1064 targets Orbit Downloader (ActiveX control orbitmxt.dll 2.1.0.2) and affects Orbit Downloader versions 2.8.7 and earlier. The issue is an argument-injection flaw in the download method that allows a remote attacker to overwrite arbitrary files by crafting whitespace, a command-line s...
Ubuntu: Security Advisory (USN-436-1)
The remote host is missing an update for the...
CVE-2008-6490
function/updatexml.php in FLABER 1.1 and earlier allows remote attackers to overwrite arbitrary files by specifying the target filename in the targetfile parameter. NOTE: this can be leveraged for code execution by overwriting a PHP file, as demonstrated using function/uploadfile.php...
Morovia Barcode ActiveX Control < 3.6.0 Arbitrary File Overwrite
The version of the Morovia Barcode ActiveX control installed on the remote Windows host allows overwriting of arbitrary files via calls to the control's 'Save' and 'ExportImage' methods. If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, he can...
Gentoo Security Advisory GLSA 200903-20 (websvn)
The remote host is missing updates announced in advisory GLSA 200903-20. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200903-20 (websvn)
The remote host is missing updates announced in advisory GLSA 200903-20.
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 200903-20 http://security.gentoo.org/ Severity:...
Openswan: Insecure temporary file creation
Background: Openswan is an implementation of IPsec for Linux. Description: Dmitry E. Oboukhov reported that the IPSEC livetest tool does not handle the ipseclive.conn and ipsec.olts.remote.log temporary files securely. Impact: A local attacker could perform symlink attacks to execute arbitrary code...
CVE-2008-6424
The CVE-2008-6424 entry corresponds to a directory traversal flaw in FFFTP 1.96b. An attacker-controlled FTP LIST response containing .. can cause the remote FTP server to create or overwrite arbitrary files on the affected system. The vulnerability arises from how LIST command results are handle...