CVE-2006-1323

Directory traversal vulnerability in WinHKI 1.6 and earlier allows user-assisted attackers to overwrite arbitrary files via a 1 RAR, 2 TAR, 3 ZIP, or 4 TAR.GZ archive with a file whose file name contains ".." sequences...

CVE-2006-1323

CVE-2006-1323 affects WinHKI 1.6 and earlier. The vulnerability is a directory traversal in archive handling where a file name containing ".." inside RAR, TAR, ZIP, or TAR.GZ archives can allow a user-assisted attacker to overwrite arbitrary files on the system. The root cause is improper validat...

CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1182

Adobe Graphics Server 2.0 and 2.1 formerly AlterCast and Adobe Document Server ADS 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the 1 saveContent...

CVE-2006-0950

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...

Design/Logic Flaw

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...

CVE-2006-0950

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...

CVE-2006-0950

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...

CVE-2006-0950

CVE-2006-0950 affects unalz 0.53. The vulnerability is a directory traversal in ALZ extraction, where filename paths containing .. can cause files to be written outside the intended directory. This is due to an input validation error during extraction. Affected component: unalz (ALZ archive handl...

Code injection

Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...

CVE-2006-1063

Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...

CVE-2006-1063

CVE-2006-1063 affects Lurker 2.0 and earlier. A remote attacker can create or overwrite files in any writable directory named “mbox” due to the vulnerability in Lurker’s handling of such directories. Debian security advisories (DSA-999-1) fix this issue by upgrading lurker to version 1.2-5sarge1 ...

GLSA-200602-14 : noweb: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200602-14 noweb: Insecure temporary file creation Javier Fernandez-Sanguino has discovered that the lib/toascii.nw and shell/roff.mm scripts insecurely create temporary files with predictable filenames. Impact : A local attacker...

Wimpy MP3 Player 5 - Text File Overwrite

Wimpy MP3 Player 5 - Text File Overwrite source: https://www.securityfocus.com/bid/16696/info Wimpy MP3 is prone to a weakness that permits the overwriting of a text file with arbitrary attacker-supplied data. Successful exploitation of this issue may aid an attacker in further attacks. The...

[Full-disclosure] Wimpy MP3 Player - Text file overwrite vulnerability

======================================================================================= XOR Crew :: Security Advisory 2/10/2006 ======================================================================================= Wimpy MP3 Player - Text file overwrite. lame...

CVE-2005-3342

noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...

CVE-2005-3342

noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...

CVE-2005-3240

Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and...