337 matches found
CVE-2014-1832
CVE-2014-1832 affects Phusion Passenger 4.0.37 and is caused by insecure handling of temporary files, enabling a local attacker to perform a symbolic/link attack on (1) control_process.pid or (2) generation-* files. This allows writing to certain files/directories with local access. The issue ari...
CVE-2011-5293
The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allows remote attackers to write to arbitrary files via a pathname in the argument...
CVE-2011-5293
The CVE-2011-5293 entry concerns ThreeDify Designer 5.0.2. The cmdSave method of the ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll allows remote attackers to write to arbitrary files via a pathname argument. Affected product: ThreeDify Designer 5.0.2 (ActiveX control). Vulnerability type...
CVE-2011-5289
The CVE-2011-5289 entry concerns the SaveDecrypted method of the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll used by aTube Catcher 2.3.570. The vulnerability allows remote attackers to write to arbitrary files by supplying a pathname in the argument to SaveDecrypted. Docume...
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Nmap 任意文件写漏洞(CVE-2013-4885)
BUGTRAQ ID: 62024 CVECAN ID: CVE-2013-4885 nmap是一款用于网络发现(Network Discovery)和安全审计(Security Auditing)的网络安全工具,它是自由软件。 Nmap 6.25在http-domino-enum-passwords NSE脚本内存在任意文件上传漏洞,攻击者可利用此漏洞以当前用户权限写任意文件。 0 Nmap 6.25 厂商补丁: Nmap ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://nmap.org/download.html nmap --script...
ecshop 2.6 x background write shell 0day-vulnerability warning-the black bar safety net
The relevant variable is not filtered, resulting in the submission of data to write into shell holes. Vulnerability file: admineditlanguages.php The relevant variable is not filtered! elseif $REQUEST'act' == 'edit' / Language items of the path / $langfile = isset$POST'filepath' ?...
Foxit PDF Reader 4.2 Javascript File Write
This module exploits an unsafe Javascript API implemented in Foxit PDF Reader version 4.2. The createDataObject Javascript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218. Note: This exploit uses the All Users directory currently, whi...
FTPx Corp FTP Explorer Directory Traversal Vulnerability
FTPx Corp FTP Explorer is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
All PEAR Mail functions contain an arbitrary file write vulnerability-vulnerability warning-the black bar safety net
出现 问题 的 地方 位于 Sendmail.php ...... if ! isset$from return PEAR::raiseError'No from address given.'; elseif strpos$from, ' ' !== false || strpos$from, ';' !== false || strpos$from, '&' !== false || strpos$from, "' !== false return PEAR::raiseError'From address specified with dangerous characters.';...
CVE-2008-5625
PHP 5 before 5.2.7 is affected by CVE-2008-5625: when safe_mode is enabled via php_admin_flag in httpd.conf, error_log restrictions are not enforced, allowing context-dependent attackers to write to arbitrary files by placing a php_value error_log entry in .htaccess. The vulnerability arises from...
CVE-2008-4210
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...
PHP 5.2 - FOpen Safe_mode Restriction Bypass
PHP 5.2 - FOpen Safemode Restriction Bypass source: https://www.securityfocus.com/bid/22261/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This...
CVE-2005-3124
CVE-2005-3124 affects the syslogtocern script in Acme thttpd prior to 2.23, enabling local attackers to overwrite arbitrary files via a symlink attack on a temporary file. Public advisories (Debian DSA-883-1, SUSE, Ubuntu, OpenVAS/Nessus entries) describe insecure temporary-file handling in thttp...
CVE-2002-0631
Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges...
CVE-1999-0803
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack...
Lincoln D. Stein nph-publish.cgi pathname Parameter Traversal Arbitrary File Write
The 'nph-publish.cgi' is installed. This CGI has a well known security flaw that lets an attacker to execute arbitrary commands with the privileges of the HTTP daemon usually root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details...