6871 matches found
CVE-2007-3883
CVE-2007-3883 affects the Data Dynamics ActiveBar ActiveX control (actbar3.ocx) version 3.2 and earlier. The vulnerability allows remote attackers to create or overwrite files by providing a full pathname as an argument to the Save method, or to the first argument of SaveLayoutChanges or SaveMenu...
[Eleytt] 7LIPIEC2007
Eleytt Research www.eleytt.com Overview/Credit: ==================== Michal Bucko www.eleytt.com/michal.bucko sapheal.hack.pl Vulnerability Table =================== 1. Firefox 2.0.0.4 Remote Denial of Service Vulnerability 2. Microsoft Register Server Remote Denial of Service Issue 3. FreeWRL...
vafileoverwrite-06-039.txt
Portcullis Security Advisory 06-039 Vulnerable System: Visionsoft Audit Vulnerability Title: The VSAOD server allows unauthenticated arbitrary file overwrites. Vulnerability Discovery and Development: Portcullis Security Testing Services during an application assessment. Further research was...
Code injection
The Nonnoi ASP/Barcode ActiveX control nonnoiASPBarcode.dll allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function...
CVE-2007-3633
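Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveLastError method and probably the (2) WriteExe method...
Chilkat Zip ActiveX Control Arbitrary File Overwrite Vulnerability
BUGTRAQ ID: 24806 Chilkat Zip is a powerful ActiveX control that allows creating and managing compressed files. The Chilkat Zip ActiveX control has a vulnerability in how it handles request parameters; a remote attacker could exploit it to corrupt files on the user's system. The SaveLastError and WriteExe methods of the Chilkat Zip ActiveX control (ChilkatZip2.dll) do not properly validate user input. If a user is tricked into visiting a malicious site that passes malicious parameters to these methods, arbitrary system files can be overwritten. Chilkat Software Chilkat Zip 12.4.2.0...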
CVE-2007-2837
The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd fireflier-server in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file...
CVE-2007-2837
The CVE-2007-2837 issue affects FireFlier 1.1.6 (fireflier-server). The getRule and getChains functions in server/rules.cpp allow local users to exploit an unsafe temporary file handling (symlink to /tmp/fireflier.rules) to overwrite arbitrary files. The Debian advisory DSA-1326-1 documents the f...
CVE-2007-2838
CVE-2007-2838 affects gsambad 0.1.4, where the populate_conns.c routine permits local users to overflow/overwrite arbitrary files by a symlink attack on the /tmp/gsambadtmp temporary file. The underlying issue is unsafe creation/use of temporary files, enabling local privilege concerns (no remote...
Directory traversal
Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...
CVE-2007-3504
Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...
CVE-2007-3504
CVE-2007-3504 describes a directory traversal vulnerability in the PersistenceService of Sun Java Web Start (JDK/JRE 5.0 Update 11 and earlier; Java Web Start in SDK/JRE 1.4.2_13 and earlier) on Windows. An application that grants itself file overwrite privileges can cause unauthorized actions, p...
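HP Photo Digital Imaging HPQXML.DLL Arbitrary File Overwrite Vulnerability
HP Photo Digital Imaging is image-processing software. The HP Photo Digital Imaging HPQXML.DLL ActiveX control invokes a method incorrectly, and a remote attacker can exploit the vulnerability to overwrite arbitrary files on the system, causing denial of service or arbitrary code execution. The problem lies in the ActiveX control in HPQXML.DLL: because the "saveXMLAsFile" method is invoked unsafely, a crafted malicious web page that a user is lured into visiting can lead to arbitrary system files being overwritten, causing denial of service or arbitrary code execution. HP HP Photo Digital Imaging hpqxml.dll 2.0.0.133 No solution is currently available:...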
Design/Logic Flaw
A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vector 1.3 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the WriteMovie method...
CVE-2007-3459
A CVE-2007-3459 entry describes a vulnerability in Civitech Avax Vector 1.3 where the ActiveX control Avaxswf.dll version 1.0.0.1 permits remote attackers to create or overwrite arbitrary files by supplying a full pathname to the WriteMovie method. The issue affects the ActiveX component and can ...
Design/Logic Flaw
The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method...
CVE-2007-3400
The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method...