PT-2019-16892 · Ibm · Ibm Spectrum Protect Storage Agents +1

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Servers versions 7.1 through 8.1 IBM Spectrum Protect Storage Agents versions 7.1 through 8.1 Description: A local attacker could gain elevated privileges on the system by loading a specially crafted library loaded by the...

CVE-2019-0973

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then...

CVE-2019-0973

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then...

CVE-2019-0973 Windows Installer Elevation of Privilege Vulnerability

...

Windows Installer Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then...

CVE-2019-7093

Creative Cloud Desktop Application installer versions 4.7.0.400 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2019-7093

Creative Cloud Desktop Application installer versions 4.7.0.400 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2019-7093

Creative Cloud Desktop Application installer versions 4.7.0.400 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-16156

In PaperStream IP TWAIN 1.42.0.5685 Service Update 7, the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkicFjicube32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes...

NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

/ NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution Vendor: NREL Product web page: https://beopt.nrel.gov Affected version: 2.8.0.0, 2.7.0.0 and 2.6.0.1 Summary: The BEoptaC/ Building Energy Optimization Tool software provides capabilities to evaluate residential building designs...

APSB19-11 Security update available for the Adobe Creative Cloud Desktop Application

Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows. This update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation...

CVE-2019-1636 Cisco Webex Teams URI Handler Insecure Library Loading Vulnerability

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit...

CVE-2019-1636 Cisco Webex Teams URI Handler Insecure Library Loading Vulnerability

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit...

Cisco Webex Teams URI Handler Insecure Library Loading Vulnerability

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit...

CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

Privilege escalation

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

UBUNTU-CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-15983

CVE-2018-15983 affects Adobe Flash Player up to 31.0.0.153 (and 31.0.0.108 and earlier). The issue is insecure library loading (DLL hijacking) that could allow privilege escalation. Affected product: Flash Player on multiple platforms; root cause is DLL loading without proper verification in the ...

Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.2. It is, therefore, potentially affected by an insecure library loading issue. The utility 'apachectl' can receive a zero-length directory name in the LDLIBRARYPATH via the 'envvars' file. A local...