Microsoft Internet Explorer Multiple Vulnerabilities (2482017)

This host is missing a critical security update according to Microsoft Bulletin MS11-003. OpenVAS Vulnerability Test $Id: secpodms11-003.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2482017 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

Flash Player < 10.2.152.26 Multiple Vulnerabilities (APSB11-02)

The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.152.26. Such versions are potentially affected by multiple vulnerabilities : - An integer overflow exists that could lead to code execution. CVE-2011-0558 - Multiple memory corruption vulnerabilities exist that cou...

Adobe Reader < 10.0.1 / 9.4.2 / 8.2.6 Multiple Vulnerabilities (APSB11-03)

The version of Adobe Reader installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.6. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...

Microsoft Windows Backup Manager Insecure Library Loading (MS11-001; CVE-2010-3145)

The Windows Backup Manager sdclt.exe allows users to restore a computer's system files to an earlier point in time. A remote attacker could convince a user to open a legitimate Windows Backup Catalog file .wbcat that is located in the same network directory as a specially crafted DLL file. Then,...

Adobe Photoshop CS5 Insecure Library Loading Code Execution (APSB10-30; CVE-2010-3127)

Adobe Photoshop CS5 is a graphics editing program that features a 3D engine. A library-loading vulnerability has been identified in Adobe Photoshop CS5. This vulnerability is due to the application insecurely loading certain librairies from the current working directory, which could allow attacke...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Movie Maker WMM 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker MSWMM file, aka "Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST...

CVE-2010-3965

The CVE-2010-3965 issue is an Insecure Library Loading (untrusted search path) vulnerability in Windows Media Encoder 9. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 Gold/SP2. The root cause is that Windows Media Encoder loa...

CVE-2010-3967

CVE-2010-3967 describes an Untrusted Search Path/Insecure Library Loading vulnerability in Microsoft Windows Movie Maker 2.6. A Trojan DLL placed in the current working directory (e.g., a directory containing an MSWMM file) can be loaded by WMM, allowing local users to gain privileges. The issue ...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Adobe Photoshop CS5 < 12.0.2 (APSB10-30)

The installed version of Adobe Photoshop is older than 12.0.2, and hence affected by the following issues : - Insecure library loading, which could result in arbitrary code execution. CVE-2010-3127 - Multiple unspecified vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if...

MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)

The remote Windows host contains a version of the Internet Connection Signup Wizard that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user on the affected system into opening a specially crafted .ins or .isp file located in the same network...

Microsoft Windows Media Encoder Insecure Library Loading (MS10-094; CVE-2010-3965)

Microsoft Windows Media Encoder is a production tool for converting both live and prerecorded audio and video to Windows Media Format. A remote code execution vulnerability has been reported in the way that Microsoft Office handles the loading of DLL files. The vulnerability is caused when the...

CVE-2010-4296

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via...

PT-2010-5404 · Vmware · Vmware Server +3

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 7.0 through 7.1.2 build 301547 VMware Player versions 3.1.x through 3.1.1 build 301547 VMware Server version 2.0.2 VMware Fusion versions 3.1.x through 3.1.1 build 332100 Description: The issue is related to the...

AOL Instant Messenger Insecure Library Loading Vulnerability

A vulnerability has been discovered in AOL Instant Messenger, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • dwmapi.dll This can be exploit...

Native Instruments Kontakt 4 Player 4.1.3 Insecure Library Loading

/ Native Instruments Kontakt 4 Player v4.1.3 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 4.1.3.4125 Standalone Summary: KONTAKT 4 PLAYER is the free sample player based on award-winning KONTAKT...

Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability

Summary GUITAR RIG 4 PLAYER is the free, modular and expandable effects processor from Native Instruments, combining creative effects routing possibilities with ease-of-use and pristine sound quality. The included FACTORY SELECTION library provides one stunning Amp emulation with Matched Cabinet,...