6886 matches found
Design/Logic Flaw
The 1 ltmmCaptureCtrl Class, 2 ltmmConvertCtrl Class, and 3 ltmmPlayCtrl Class ActiveX controls ltmm15.dll 15.1.0.17 and earlier in LEADTOOLS Multimedia Toolkit 15 allow attackers to overwrite arbitrary files via the SaveSettingsToFile method...
CVE-2008-1605
The 1 ltmmCaptureCtrl Class, 2 ltmmConvertCtrl Class, and 3 ltmmPlayCtrl Class ActiveX controls ltmm15.dll 15.1.0.17 and earlier in LEADTOOLS Multimedia Toolkit 15 allow attackers to overwrite arbitrary files via the SaveSettingsToFile method...
CVE-2008-1605
CVE-2008-1605 affects LEADTOOLS Multimedia Toolkit 15 ActiveX controls (ltmmCaptureCtrl, ltmmConvertCtrl, ltmmPlayCtrl in ltmm15.dll
LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite
source: https://www.securityfocus.com/bid/28442/info LEADTOOLS Multimedia is prone to multiple vulnerabilities that allow attackers to overwrite arbitrary files. These issues affect multiple ActiveX controls. An attacker can exploit these issues by enticing an unsuspecting victim to view a...
GLSA-200803-27 : MoinMoin: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200803-27 MoinMoin: Multiple vulnerabilities Multiple vulnerabilities have been discovered: A vulnerability exists in the file wikimacro.py because the macroGetval function does not properly enforce ACLs CVE-2008-1099. A directory...
CVE-2008-1322
The CVE-2008-1322 issue affects ASG-Sentry Network Manager, specifically the File Check Utility (fcheck.exe) bundled with versions up to 7.0.0. The connected Nessus entry documents that fcheck.exe fails to sanitize input when creating index files, allowing an unauthenticated remote attacker to ov...
GLSA-200803-13 : VLC: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200803-13 VLC: Multiple vulnerabilities Multiple vulnerabilities were found in VLC: Michal Luczaj and Luigi Auriemma reported that VLC contains boundary errors when handling subtitles in the ParseMicroDvd, ParseSSA, and ParseVplay...
Code injection
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling...
CVE-2008-0883
Adobe Acrobat Reader (acroread) 8.1.2 is affected by CVE-2008-0883 due to an insecure temporary-file creation in the startup/SSL-related handling, enabling a local attacker to overwrite arbitrary files via a symlink attack. Affected component: acroread wrapper script; root cause is insecure tempo...
CVE-2008-0930
wediteur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information...
Symantec Backup Exec调度程序ActiveX栈溢出及文件覆盖漏洞
BUGTRAQ ID: 28008,26904 CVECAN ID: CVE-2007-6016,CVE-2007-6017 Symantec Backup Exec是一款全面的数据备份解决方案。 Symantec Backup Exec for Windows Server(BEWS)的调度程序组件所安装的ActiveX控件中存在多个栈溢出和不安全函数调用漏洞,远程攻击者可能利用此漏洞控制用户系统。...
CVE-2007-6017
The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...
CVE-2007-6017
The PVATLCalendar.PVCalendar.1 ActiveX control (pvcalendar.ocx) in the Media Server component of Symantec Backup Exec for Windows Server (BEWS) 11d/12.0 exposes an unsafe Save method. The vulnerability allows a remote attacker to cause a denial of service (browser crash) or to create/overwrite ar...
CVE-2008-0806
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.USERID temporary file...
CVE-2008-0806
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.USERID temporary file...
DEBIAN-CVE-2008-0806
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.USERID temporary file...
BrightStor ARCserve Backup LGServer directory traversal
Added: 02/15/2008 CVE: CVE-2007-5005 BID: 24348 OSVDB: 41350 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A directory traversal vulnerability in rxRPC.dll in the...
CVE-2008-0782
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...
CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
CVE-2008-0666
Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...