Microsoft Visual Basic for Applications Insecure Library Loading (MS12-046; CVE-2012-1854)

A remote code execution vulnerability has been reported in Microsoft Visual Basic for Applications VBA...

VulnCheck KEV: CVE-2012-1854

Microsoft Visual Basic for Applications VBA contains an insecure library loading vulnerability that could allow for remote code execution...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...

CVE-2012-1849

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...

Apache HTTP Server 'LD_LIBRARY_PATH'不安全库装载任意代码执行漏洞

Bugtraq ID: 53046 CVE ID：CVE-2012-0883 Apache HTTP Server是一款流行的HTTP服务程序 由于不安全处理LDLIBRARYPATH，可导致在当前工作目录中搜索DSO，攻击者可以利用此漏洞以HTTPD服务上下文执行任意代码 0 Apache 2.0.x Apache 2.1.x Apache 2.2.x Apache 2.3.x 厂商解决方案 Apache ----- Apache Software Foundation Apache 2.4.2已经修复此漏洞，建议用户下载使用： http://www.apache.org/...

Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.2. It is, therefore, potentially affected by an insecure library loading issue. The utility 'apachectl' can receive a zero-length directory name in the LDLIBRARYPATH via the 'envvars' file. A local...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .xpr or .DESIGN file, aka...

Microsoft Visual Studio Add-In Insecure Library Loading (MS12-021; CVE-2012-0008)

An elevation of privilege vulnerability has been reported in Microsoft Visual Studio...

MS12-012: Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)

The remote host contains a version of Windows Color Control Panel that is affected by an insecure library loading vulnerability. A remote attacker could exploit this by tricking a user into opening a .camp, .cdmp, .gmmp, .icc, or .icm file in a directory that also contains a malicious 'sti.dll'...

Mindjet MindManager 2012 10.0.493 Buffer Overflow / Denial Of Service

Mindjet MindManager 2012 v10.0.493 Multiple Remote Vulnerabilities Vendor: Mindjet Product web page: http://www.mindjet.com Affected version: 10.0.493 Windows Summary: An intuitive visual framework that fosters clarity, innovative thinking & communication to improve business results. Desc:...

RSA SecurID Software Token < 4.1.1 Insecure Library Loading

The remote Windows host contains a version of RSA SecurID Software Token 3.0, 4.0, or 4.1 earlier than 4.1.1. As such, it is reportedly affected by an insecure library loading vulnerability. If an attacker can trick a user on the affected system into opening a specially crafted Software Token fil...

ESA-2011-039: RSA&#40;r&#41;, The Security Division of EMC, announces security fixes and improvements for RSASecurID&#40;r&#41; Software Token 4.1 for Microsoft&#40;r&#41;Windows&#40;r&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-039: RSA®, The Security Division of EMC, announces security fixes and improvements for RSASecurID® Software Token 4.1 for Microsoft®Windows® Advisories Updated December 12, 2011 Summary: RSA, The Security Division of EMC, announces security...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka...

Microsoft PowerPoint Insecure Library Loading (MS11-094; CVE-2011-3396)

A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to an error in the way Microsoft PowerPoint restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate...

Internet Explorer Insecure Library Loading Code Execution (MS11-089; CVE-2011-2019)

A remote code execution vulnerability has been reported in Internet Explorer IE. The vulnerability is due to an error in the way IE restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate HTML file that is...

IBM Db2 'DT_RPATH' Insecure Library Loading Code Execution Vulnerabilities

IBM Db2 is prone to insecure library loading vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2";...

IBM DB2 'DT_RPATH' Insecure Library Loading Code Execution Vulnerabilities

The host is running IBM DB2 and is prone to insecure library loading vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2dtrpathinsecurelibloadvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ IBM DB2 'DTRPATH' Insecure Library Loading Code Execution Vulnerabilities Authors: Antu Sanadi...

Design/Logic Flaw

Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure...

Design/Logic Flaw

Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in...