UBUNTU-CVE-2015-8621

t-coffee before 11.00.8cbe486-2 allows local users to write to /.tcoffee globally...

CVE-2017-4921

VMware vCenter Server 6.5 prior to 6.5 U1 contains an insecure library loading issue that occurs due to the use of LDLIBRARYPATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation...

Installer of LhaForge may insecurely load Dynamic Link Libraries

Overview LhaForge is a file compression/decompression software. The installer of LhaForge contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with t...

glibc: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

glibc: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

glibc: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

DEBIAN-CVE-2017-1000366

glibc contains a vulnerability that allows specially crafted LDLIBRARYPATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap...

UBUNTU-CVE-2017-1000366

glibc contains a vulnerability that allows specially crafted LDLIBRARYPATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap...

Foxit Reader < 7.3.0 Multiple Vulnerabilities

Binary data 9467.prm...

The vulnerability of the Microsoft Office software allows a malicious attacker to execute arbitrary code.

A vulnerability in Microsoft Office software, related to errors in checking the path of dynamically loaded libraries. Exploiting this vulnerability allows a malicious attacker to execute arbitrary code contained in the dynamic library located in the document’s open directory...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

Updated hawtjni packages fix security vulnerability

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp/ when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJ...

QNX 6.2/6.3 - Multiple Local Privilege Escalation and Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16539/info QNX is susceptible to multiple local vulnerabilities. These issues include multiple buffer-overflow vulnerabilities, a format-string vulnerability, an insecure library-path vulnerability, insecure...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

DEBIAN-CVE-2013-2035

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...

UBUNTU-CVE-2013-2035

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...

httpd: insecure handling of LD_LIBRARY_PATH in envvars

envvars aka envvars-std in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl...

AZL-37030 CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

sfcb in sblim-sfcb places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

AZL-41033 CVE-2012-0883 affecting package httpd for versions less than 2.4.2-1

envvars aka envvars-std in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl...

ibutils: insecure relative RPATH

Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux RHEL 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux RHEL 5 allows local users to gain privileges via a Trojan Horse...