295 matches found
Limonade Framework 3.0 Local File Disclosure
Exploit Title: Limonade framework Local file disclosure filtering bypass - Date: 2013 17 November - Exploit Author: Yashar shahinzadeh - Special thanks to Mormoroth - Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir - Vendor Homepage: http://limonade-php.github.io/ - Tested on: Linux Ubuntu, PHP...
[CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability
Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iOS - Affected Version: 2.x prior to 2.1 - Issue Type: Lack of validation/user confirmation leading to destruction of data - Release Date: 29 Sept 2013 - Discovered by: Guillaume Ross - CVE Identifier: CVE-2013-5725 - Issue...
CVE-2013-5725
The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL...
Upgrade Attack
Added: 09/30/2013. Background: The LLMNR (Local Link Multicast Name Resolution) protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts, forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...
Mozilla Products: Multiple vulnerabilities
Background: Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla...
The star outside the mention of the right new ideas & the star outside security Bulletin (mention the right vulnerability) - vulnerability warning - the black bar safety net
Statement: this is not what a star outside 0DAY, which at best, only one in could not find a writable executable directory of a mention of the right ideas. I dare not say that I first found, there may be other people also found, and also in the use. In fact, numerous examples demonstrate that the...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : update-manager vulnerabilities (USN-1284-1)
David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. (CVE-2011-3152) David Black...
[ MDVSA-2010:180 ] rpm
Mandriva Linux Security Advisory MDVSA-2010:180 - http://www.mandriva.com/security/ - Package: rpm - Date: September 13, 2010 - Affected: 2009.0, Corporate 4.0, Enterprise Server 5.0 - Problem Description: A vulnerability has been found and corrected in rpm:...
The Windows File System vulnerability - a small vulnerability, big - vulnerability warning - the black bar safety net
Windows has a useful file replace command that can bypass File Protection. It is used to replace files with replace; even a file that is in use can be replaced. Very invincible. For example: in C:\ create a directory, c:\aaa. Then copy an mp3 to c:\aaa and name it c:\aaa\a.mp3. Then copy another...
CVE-2004-2768
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059...
CVE-2010-2198
CVE-2010-2198 affects RPM 4.8.0 and earlier; root cause in lib/fsm.c is that metadata for an executable file is not properly reset during upgrade/removal of an RPM package. This can allow local users to gain privileges or bypass access restrictions by creating a hard link to the vulnerable file t...
CVE-2010-2059
CVE-2010-2059 affects RPM package manager: lib/fsm.c in RPM 4.8.0 and, per the description, unspecified 4.7.x and 4.6.x, and RPM before 4.4.3, may fail to reset executable file metadata during upgrade, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (se...
Firefox: Predictable /tmp pathname use
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp locati...
Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation
Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit. Jeremy Brown // jbrownsec.blogspot.com // krakowlabs.com, 10.28.2009. When downloading files through Firefox and choosing the "Open with"...
Code injection
TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by replacing executables with Trojan horse programs...
CVE-2009-3274
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp locati...
CVE-2009-3274
CVE-2009-3274 affects Mozilla Firefox on Linux. The vulnerability arises because the Downloads window selects files using a predictable "/tmp" pathname, allowing a local attacker to replace an arbitrary downloaded file by pre-placing a file in /tmp before the download occurs (related to the Downl...