IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit

No description provided by source. !/bin/sh 07/2007: public release IBM AIX = 5.3 sp6 echo ------------------------------- echo AIX pioout Local Root Exploit echo By qaaz echo ------------------------------- cat piolib.c EOF include stdlib.h include unistd.h void init attribute constructor; void...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378)

This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-base...

Microsoft Office Chinese Grammar Checker Insecure Library Loading (MS14-023; CVE-2014-1756)

An insecure library loading vulnerability has been reported in Microsoft Office proofing tools. The vulnerability is due to the way that the Chinese Simplified Grammar Checker component handles the loading of dynamic-link library .dll files. A remote attacker could exploit this vulnerability by...

Load Library Safely

Dynamically loading libraries in an application can lead to vulnerabilities if not secured properly. In this blog post we talk about loading a library using LoadLibraryEx API and make use of options to make it safe. Know the defaults: The library file name passed to LoadLibrary / LoadLibraryEx ca...

Autodesk AutoCAD Insecure Library Loading (CVE-2014-0819)

An insecure library loading vulnerability has been reported in AutoCAD. The vulnerability is due to an improper dynamic link library DLL search path leading to insecure library loading. A remote attacker could exploit this vulnerability by enticing a user to process an AutoCAD file from a malicio...

Autodesk AutoCAD < 2014 Multiple Vulnerabilities

The remote host has a version of Autodesk AutoCAD installed prior to AutoCAD 2014. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling FAS files that could allow execution of arbitrary VBScript code. CVE-2014-0818 - An error exists relat...

Corel PaintShop Pro Insecure Library Loading (CVE-2013-0733)

A code execution vulnerability exists in Corel's PaintShop Pro...

Watchguard Server Center 11.7.4 Insecure Library Loading

Watchguard Server Center version 11.7.4 suffers from a dll hijacking vulnerability with wgpr.dll. Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION...

Watchguard Server Center 11.7.4 Insecure Library Loading

Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Watchguard Server Center Vendor URL: www.watchguard.com Type: Uncontrolled Search...

Soda PDF Insecure Library Loading Vulnerability - Windows

Soda PDF is prone to insecure library loading vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:soda:sodapdf"; if...

Nitro Pro Insecure Library Loading

The version of Nitro Pro installed on the remote Windows host is earlier than 8.5.2.10 and is, therefore, reportedly affected by an insecure library loading vulnerability. By tricking a user into opening a specially crafted file, an attacker could execute arbitrary code on the remote host subject...

[IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Uncontrolled Search Path Element CWE-427 Date found: 2013-02-23 Date published: 2013-02-23 CVSSv2 Score: 4,4...

Foxit Reader Insecure Library Loading

A code execution vulnerability has been reported in Foxit Reader. The vulnerability is due to an error in a dynamic link library DLL search path. A remote attacker could exploit this vulnerability by enticing a user to open a file from a directory, which also contains a malicious DLL. Successful...

Multiple Products wintab32.dll Insecure Library Loading (CVE-2013-0742)

A code execution vulnerability has been identified in Multiple Products. The vulnerability is due to an improper dynamic link library DLL search path leading to insecure library loading. A remote attacker could exploit this vulnerability by enticing a user to open a file from a directory, which...

Check Point Remote Access Client Insecure Library Loading

The version of Check Point Remote Access Client installed on the remote Windows host is earlier than E75.10 and is, therefore, reportedly affected by an insecure library loading vulnerability. If an attacker can trick a user on the affected system into opening a specially crafted file, they may b...

ThinPrint - &#039;tpfc.dll&#039; Insecure Library Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/55421/info ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code. Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application. include int hijackpoc...

CentOS Update for java CESA-2011:0281 centos5 x86_64

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2011:0281 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

MS12-046: Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)

The version of Visual Basic for Applications installed on the remote host is affected by an insecure library loading vulnerability. A remote attacker could exploit this flaw by tricking a user into opening a legitimate Microsoft Office file located in the same directory as a maliciously crafted...

Microsoft Office security vulnerabilities

VBA unsafe library loading, Office for Mac weak files permissions...

CVE-2012-1854

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications VBA; and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current...