168 matches found
Rapid7 Metasploit Pro DLL Loading Remote Code Execution Vulnerability
Metasploit Pro is a powerful guided penetration testing platform. A DLL loading remote code execution vulnerability exists in Rapid7 Metasploit Pro prior version 4.13.0-2017022101, which can be exploited by a remote attacker to execute arbitrary code in the context of an affected application...
Rapid7 Insight Collector DLL Loading Remote Code Execution Vulnerability
Rapid7 is the world's leading security risk information solution for vulnerability management, vulnerability scanning, vulnerability assessment and penetration testing. The Rapid7 Insight Collector DLL is loaded with a remote code execution vulnerability that can be exploited by a remote attacker...
KLA10921 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain priveleges. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilit...
CVE-2016-3235
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...
Guitar Lessons Beginners LITE - Base64 encoded String, Corrupted files, Dynamic Code Loading vulnerabilities
HackApp vulnerability scanner discovered that application Guitar Lessons Beginners LITE published at the 'play' market has multiple vulnerabilities...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote...
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2016-00282)
Microsoft Windows is a series of operating systems designed for personal computer and server users from the American company Microsoft. Microsoft Windows fails to properly load DLL files, allowing attackers to exploit the vulnerability to build special files that can be tricked into parsing and...
Corel PDF Fusion <= 1.14 Arbitrary Code Execution Vulnerability - Windows
Corel PDF Fusion is prone to an arbitrary code execution vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Privacy killer: the Flash permissions reflection-vulnerability warning-the black bar safety net
0x00 Preface Always thought the risk has long been valued, but recently accidentally found, there are still many sites the presence of the defects, which are some of the commonly used email, social networking sites, so it is necessary then to explore it again. In fact, this is not what...
VideoStudio Pro X7 'u32ZLib.dll' DLL Loading Arbitrary Code Execution Vulnerability
VideoStudio Pro X7 is a video editing software. An arbitrary code execution vulnerability exists in VideoStudio Pro X7 'u32ZLib.dll' DLL loading due to VideoStudio Pro X7 failing to properly load the "u32ZLib.dll" file. This allows an attacker to construct a malicious DLL file to load arbitrary...
0-Days Exposed in Several Corel Applications
UPDATE–Researchers from Core Security have disclosed DLL hijacking vulnerabilities in several applications made by Corel Software after the vendor didn’t respond to Core’s notifications about the flaws. There are no patches available for the bugs, which can allow remote code execution. Corel sell...
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378)
This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-base...
SAP GUI DLL Loading Arbitrary Code Execution (Note 1511179)
The remote host is running a version of SAP GUI that reportedly insecurely looks in its current working directory when resolving DLLs such as 'MFC80LOC.DLL' and 'MFC80RUS.DLL'. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72211; scriptversion"1.4";...
Mozilla Thunderbird ESR 17.x < 17.0.5 Multiple Vulnerabilities
The installed version of Thunderbird ESR 17.x is earlier than 17.0.5 and is, therefore, potentially affected the following vulnerabilities: - Various memory safety issues exist. CVE-2013-0788 - An out-of-bounds memory read error exists related to 'CERTDecodeCertPackage' and certificate decoding...
CVE-2013-0095
Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebK...
Ubuntu Update for linux USN-1683-1
Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN16831.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for linux USN-1683-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...
CentOS Update for java CESA-2011:0281 centos5 x86_64
Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2011:0281 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CVE-2012-1849
Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...
Microsoft Expression Design wintab32.dll Library Loading
Added: 04/25/2012 CVE: CVE-2012-0016 BID: 52375 OSVDB: 80001 Background Microsoft Expression Design is a commercial professional illustration vector and raster graphic design tool for web images. Problem Microsoft Expression Design contains a flaw in the way it loads dynamic-link libraries DLL. T...
ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-039: RSA®, The Security Division of EMC, announces security fixes and improvements for RSASecurID® Software Token 4.1 for Microsoft®Windows® Advisories Updated December 12, 2011 Summary: RSA, The Security Division of EMC, announces security...