1409 matches found
WordPress Link Library plugin <= 5.2.1 - SQL Injection
No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...
CVE-2014-1520
maintenserviceinstaller.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process...
Foxit Reader < 6.1.4 Trojan DLL Injection
The version of Foxit Reader installed on the remote Windows host is prior to 6.1.4. It is, therefore, affected by a flaw in how dynamic-link library DLL files are located and loaded, specifically file imgseg.dll. The application uses a fixed path to search for this file, and the path can include...
HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/61745/info HTC Sync Manager is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues by enticing a legitimate user to use the...
HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/61745/info HTC Sync Manager is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a...
New Reveton Ransomware Variant Steals Passwords
The developers of Reveton have expanded that ransomware’s repertoire with a password stealing functionality, according to new research. Ransomware, sometimes called scareware, is a type of malware that locks down infected machines, offering to unlock them only after a fee has been paid. Oftentime...
Foxit Reader < 5.4.3 Trojan DLL Injection
The version of Foxit Reader installed on the remote Windows host is prior to 5.4.3. It is, therefore, affected by a flaw in how dynamic-link library DLL files are located and loaded, specifically file fxdecod1.dll. The application uses a fixed path to search for this file, and the path can includ...
Adobe Pixel Bender Toolkit2 - tbbmalloc.dll Multiple DLL Loading Code Execution Vulnerabilities
Adobe Pixel Bender Toolkit2 - tbbmalloc.dll Multiple DLL Loading Code Execution Vulnerabilities // source: https://www.securityfocus.com/bid/55179/info Adobe Pixel Bender Toolkit2 is prone to multiple vulnerabilities that allow attackers execute arbitrary code. An attacker can exploit these issue...
Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities
// source: https://www.securityfocus.com/bid/55179/info Adobe Pixel Bender Toolkit2 is prone to multiple vulnerabilities that allow attackers execute arbitrary code. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network...
Adobe releases open source malware classification tool
Adobe releases open source malware classification tool Adobe Systems has released a malware classification tool in order to help security incident first responders, malware analysts and security researchers more easily identify malicious binary files. The 'Adobe Malware Classifier' tool uses...
Microsoft Expression 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
Description Microsoft Expression is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link...
Microsoft Windows Color Control Panel Remote Code Execution Vulnerability (2643719)
This host is missing an important security update according to Microsoft Bulletin MS12-012. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft PowerPoint Insecure Library Loading (MS11-094; CVE-2011-3396)
A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to an error in the way Microsoft PowerPoint restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate...
Internet Explorer Insecure Library Loading Code Execution (MS11-089; CVE-2011-2019)
A remote code execution vulnerability has been reported in Internet Explorer IE. The vulnerability is due to an error in the way IE restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate HTML file that is...
MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
The remote Windows host is missing an security update. It is, therefore, affected by a flaw in Windows Mail and Windows Meeting Space related to the search path that is used when loading dynamic link library DLL files. This path may include directories that are not trusted or under user control. ...
MS11-076: Vulnerability in Windows Media Center could allow remote code execution: October 11, 2011
Resolves a vulnerability in Windows Media Center that could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library DLL file.INTRODUCTIONMicrosoft has released security bulletin...
PT-2011-2985 · Microsoft · Windows Server 2003 +6
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...
WordPress Link Library plugin <= 5.2.1 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...
WordPress Link Library 5.2.1 SQL Injection
Exploit Title: WordPress Link Library plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0%23 --------------- Vulnerable code --------------- ./link-library-ajax.php: echo $mylinklibraryplugin-LinkLibrary...; ./link-library.php: class linklibraryplugin ... function LinkLibrary... return...
WordPress Plugin Link Library 5.2.1 - SQL Injection
WordPress Plugin Link Library 5.2.1 - SQL Injection Exploit Title: WordPress Link Library plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0%23 --------------- Vulnerable code --------------- ./link-library-ajax.php: echo $mylinklibraryplugin-LinkLibrary...; ./link-library.php: class...