6871 matches found

Tenable Nessus
added 2008/01/24 12:0 a.m., 41 views

MoinMoin MOIN_ID Cookie userform Action Traversal Arbitrary File Overwrite

The remote host is running MoinMoin, a wiki application written in Python. The version of MoinMoin installed on the remote host fails to validate input to the 'MOINID' cookie before using it to read and write user profiles. By providing the name of a file that exists on the remote host and is...

5 CVSS, 5.9 AI score, 0.14787 EPSS
Exploits: 0, References: 2

Exploit DB
added 2008/01/23 12:0 a.m., 48 views

Aconon Mail 2004 - Directory Traversal

Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected platforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a commercial newsletter software, providi...

7.4 AI score
Exploits: 0

UbuntuCve
added 2008/01/17 1:0 a.m., 26 views

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

5 CVSS, 6 AI score, 0.02778 EPSS
Exploits: 2, References: 1

NVD
added 2008/01/17 1:0 a.m., 20 views

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

5 CVSS, 6.9 AI score, 0.02778 EPSS
Exploits: 2, References: 11

OSV
added 2008/01/17 1:0 a.m., 2 views

DEBIAN-CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

5 CVSS, 7.5 AI score, 0.02778 EPSS
Exploits: 2, References: 1

OSV
added 2008/01/17 1:0 a.m., 8 views

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

6.8 AI score
Exploits: 0, References: 11

OpenVAS
added 2008/01/17 12:0 a.m., 23 views

Debian Security Advisory DSA 262-1 (samba)

The remote host is missing an update to samba announced via advisory DSA 262-1. OpenVAS Vulnerability Test $Id: deb2621.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 262-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...

10 CVSS, 0.7 AI score, 0.87923 EPSS
Exploits: 6

OpenVAS
added 2008/01/17 12:0 a.m., 19 views

Debian Security Advisory DSA 160-1 (scrollkeeper)

The remote host is missing an update to scrollkeeper announced via advisory DSA 160-1. OpenVAS Vulnerability Test $Id: deb1601.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 160-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...

2.1 CVSS, 0.2 AI score, 0.00393 EPSS
Exploits: 1

OpenVAS
added 2008/01/17 12:0 a.m., 11 views

Debian Security Advisory DSA 053-1 (nedit)

The remote host is missing an update to nedit announced via advisory DSA 053-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2 CVSS, 7.1 AI score, 0.00517 EPSS
Exploits: 1, References: 1

Debian CVE
added 2008/01/17 12:0 a.m., 26 views

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

5 CVSS, 5.8 AI score, 0.02778 EPSS
Exploits: 2

OpenVAS
added 2008/01/17 12:0 a.m., 12 views

Debian: Security Advisory (DSA-574-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5 CVSS, 6.8 AI score, 0.03588 EPSS
Exploits: 0, References: 3

Packet Storm
added 2008/01/14 12:0 a.m., 24 views

flexnet-overwrite.txt

Who: Macrovision What: Macrovision FlexNext Connect is a software package that allows ISV's to update their software products. It is generally used in conjunction with the InstallShield software deployment framework. FlexNet uses a number of ActiveX controls, some of which are marked safe for...

7.4 AI score
Exploits: 0

seebug.org
added 2008/01/10 12:0 a.m., 12 views

Microsoft Rich Textbox Control 6.0 (SP6) SaveFile() Insecure Method

No description provided by source. Microsoft Rich Textbox Control 6.0 SP6 "SaveFile" Insecure Method...

7.1 AI score
Exploits: 0

Check Point Advisories
added 2008/01/07 12:0 a.m., 2 views

HP Software Update Tool ActiveX Control File Overwrite (CVE-2007-6506)

HP Software Update tool provides updates for HP software programs and HP devices. An arbitrary file overwrite vulnerability has been reported in the HP Software Update Tool. The vulnerability is due to a design weakness in the HP Software Update ActiveX control. To trigger this issue, an attacker...

9.3 CVSS, 6.9 AI score, 0.16348 EPSS
Exploits: 1

OSV
added 2007/12/31 7:46 p.m., 3 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled...

6.1 AI score
Exploits: 0, References: 15

Prion
added 2007/12/27 10:46 p.m., 23 views

Design/Logic Flaw

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...

6.4 CVSS, 4.2 AI score, 0.05156 EPSS
Exploits: 1, References: 50, Affected Software: 1

CVE
added 2007/12/27 10:0 p.m., 108 views

CVE-2007-5342

CVE-2007-5342 affects Apache Tomcat versions 5.5.9–5.5.25 and 6.0.0–6.0.15 where the default catalina.policy for the JULI logging component fails to restrict permissions for web applications. The underlying issue is that untrusted web apps can modify logging configuration options and overwrite a...

6.4 CVSS, 7.4 AI score, 0.05156 EPSS
Exploits: 1, References: 50, Affected Software: 1

ATTACKERKB
added 2007/12/20 11:46 p.m., 2 views

CVE-2007-6506

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the...

9.3 CVSS, 5.8 AI score, 0.16348 EPSS
Exploits: 1, References: 14

Cvelist
added 2007/12/20 11:0 p.m., 24 views

CVE-2007-6506

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the...

6.8 AI score, 0.16348 EPSS
Exploits: 1, References: 12

Gentoo Linux
added 2007/12/18 12:0 a.m., 41 views

CUPS: Multiple vulnerabilities

Background CUPS provides a portable printing layer for UNIX-based operating systems. The alternate pdftops filter is a CUPS filter used to convert PDF files to the Postscript format via Poppler; the filter is installed by default in Gentoo Linux. Description Wei Wang McAfee AVERT Research...

9.3 CVSS, 9.7 AI score, 0.1361 EPSS
Exploits: 3