CVE-2010-3145

CVE-2010-3145 concerns the Windows Backup Manager insecure DLL loading in sdclt.exe (Backup Manager) on Windows Vista SP1/SP2. The vulnerability arises from untrusted search path loading a Trojan horse fveapi.dll located in the current working directory, triggered when opening a Windows Backup Ca...

CVE-2010-3144

CVE-2010-3144 concerns an insecure library loading vulnerability in the Internet Connection Signup Wizard (ICSW) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is untrusted search path handling that allows loading a Trojan horse DLL (smmscrpt.dll) from the current direct...

CVE-2010-3146

CVE-2010-3146 corresponds to the Microsoft Groove 2007 insecure library loading vulnerability. Multiple OpenVAS/SecPod/SAINT entries confirm that Groove 2007 (SP2) loads untrusted libraries from the current working directory when opening .vcg or .gta files, specifically mso.dll or GroovePerfmon.d...

MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution

The remote host is missing Microsoft KB2264107 or an associated registry change, which provides a mechanism for mitigating binary planting or DLL preloading attacks. Insecurely implemented applications look in their current working directory when resolving DLL dependencies. If a malicious DLL wit...

Adobe Reader < 7.1.0 / 8.1.2 Multiple Vulnerabilities

The version of Adobe Reader installed on the remote host is earlier than 8.1.2 or 7.1.0. Such versions are reportedly affected by multiple vulnerabilities : - A design error vulnerability may allow an attacker to gain control of a user's printer. - Multiple stack-based buffer overflows may allow ...

IBM DB2 database multiple security vulnerabilities

Directory traversal, buffer overflow, shared libraries loaded from insecure locations, files and directories manipulation...