JVN#91387819: mora Downloader may insecurely load executable files

mora Downloader contains an issue in the file search path when loading files, which may insecurely load executables or other files. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest version according to t...

Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003) - ver 2 (CVE-2011-0038)

A code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handles the loading of IESHIMS.DLL. A remote attacker can exploit this vulnerability by enticing a target user to save a maliciously crafted dynamic link library DLL file on...

Microsoft Windows Color Control Panel Remote Code Execution Vulnerability (2643719)

This host is missing an important security update according to Microsoft Bulletin MS12-012. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

JVN#85695061: ALFTP may insecurely load executable files

ALFTP provided by ESTsoft Corp. is a FTP client software with the built in FTP server. ALFTP contains an issue when loading files. For example, if an user tries to open README a file without extention which exists in the same directory where README.exe a file with .exe extention exists, README.ex...

Interactive Graphical SCADA System DLL Loading Arbitrary Code Execution Vulnerability

This host is installed with Interactive Graphical SCADA System and is prone to code execution vulnerability. OpenVAS Vulnerability Test $Id: gbigssdllcodeexecutionvuln.nasl 5940 2017-04-12 09:02:05Z teissa $ Interactive Graphical SCADA System DLL Loading Arbitrary Code Execution Vulnerability...

FFFTP < 1.98d Untrusted Search Path Vulnerability (Dec 2011) - Windows

FFFTP is prone to untrusted search path vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)

This host is missing an important security update according to Microsoft Bulletin MS11-094. OpenVAS Vulnerability Test $Id: secpodms11-094.nasl 6523 2017-07-04 15:46:12Z cfischer $ Microsoft Office PowerPoint Remote Code Execution Vulnerabilities 2639142 Authors: Antu Sanadi Copyright: Copyright ...

JVN#94002296: FFFTP may insecurely load executable files

FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest versio...

FFFTP < 1.98b Untrusted Search Path Vulnerability - Windows

FFFTP is prone to untrusted search path vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

JVN#62336482: FFFTP may insecurely load executable files

FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest...

JVN#58019849: GTK+ may insecurely load dynamic libraries

GTK+ is a toolkit for developing applications with GUIs. GTK+ contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact In an application that uses GTK+, arbitrary code may be executed with the privilege of that application. Solution Solution for...

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...

JVN#80404511: Windows URL Protocol Handler may insecurely load executable files

Windows URL Protocol Handler loads a specified executable for each protocol. Windows URL Protocol Handler contains an issue with the file search path, which may insecurely load executable files. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution...

Oracle Java Runtime Environment Insecure File Loading

Added: 08/08/2011 OSVDB: 74330 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java...

PowerZip Insecure Library Loading Vulnerability

This host is installed with PowerZip and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: gbpowerzipinsecurelibloadvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ PowerZip Insecure Library Loading Vulnerability Authors: Rachana Shetty Copyright: Copyright c 2011...

Java Web Start may insecurely load settings files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load settings files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...

Java Web Start may insecurely load policy files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load policy files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...