Microsoft Internet Explorer permits to examine the existence of local files

Microsoft Internet Explorer permits to examine the existence of local files Description: There is a security bug in Microsoft Internet Explorer, which allows to check up existence of local files in system directories Root C:/, WINDOWS, SYSTEM, SYSTEM32, DESKTOP, COMMAND, Internet Explorer...

Microsoft Internet Explorer 6 - Local Resource Enumeration

source: https://www.securityfocus.com/bid/11621/info Microsoft Internet Explorer is reported prone to a local resource enumeration vulnerability. It is reported that the vulnerability exists because when handling 'res://' requests for local resources, Internet explorer behavior may reveal the...

Adobe acrobat / Adobe Reader 6 can read local files

Adobe acrobat / Adobe Reader 6 can read local files Description Acrobat/ Acrobat reader is software for viewing and printing Adobe Portable Document Format PDF files. Adobe PDF files can be viewed on most major operating systems. Version 6 of this program has an issue with the way it handles...

SCSA028.txt

================================================= Security Corporation Security Advisory SCSA-028 Nuked-Klan Multiple Vulnerabilities ================================================= PROGRAM: Nuked-KlaN HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: b1.4, b1.5, SP2 RISK: MEDIUM/HIGH...

Internet Explorer Shell Folders local files access

It's possible to address local files by URL shell: with relative paths...

Opera 7 - Image Rendering HTML Injection

source: https://www.securityfocus.com/bid/6756/info It has been reported that, when generating HTML to display images or embedded media, Opera does not correctly format the provided URL or sufficiently encode URLs to local files. As a result of this lack of sanitization Opera is vulnerable to HTM...

CVE-2002-1339

The "XMLURL" property in the Spreadsheet component of Office Web Components OWC 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files...

CVE-2002-1338

CVE-2002-1338 affects the Chart component in Office Web Components (OWC) 9 and 10. The Load method throws an exception when a referenced file does not exist, which can be leveraged by an attacker to determine the existence of local files on the target system. The issue is described in multiple so...

CVE-2002-1339

The "XMLURL" property in the Spreadsheet component of Office Web Components OWC 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files...

Moderate: Red Hat Security Advisory: : : : Updated wget packages fix directory traversal bug

The wget packages shipped with Red Hat Linux 6.2 through 8.0 contain a security bug which, under certain circumstances, can cause local files to be written outside the download directory. Updated 10 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems Versions of wget pri...

MySQL privilege escalation

By using PHP in conjuction with MySQL it's possible to access local files...

Multiple Opera bug

Errors in scripting allow access to local files...

EUVD-2002-1275

The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" null character URL...

CVE-2002-1082

The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded...

QT Assistant unauthorized access

It's possible to obtain access to any local HTML file via TCP/7358...

Microsoft Windows Media Player ActiveX control allows execution of javascript in "already open" frames

Overview A vulnerability in the Windows Media Player may allow remote attackers to view the contents of local files on the victim's computer. Description Using the "LaunchURL" method of the Windows Media Player ActiveX control, a web page author may be able to circumvent the frame security featur...

CVE-2002-1082

The CVE-2002-1082 issue affects ezContents 1.40 and earlier, where the Image Upload capability allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. The vulnerability is network-exploitable with low attack complexity and no authentication requi...

Microsoft Windows XP - HCP URI Handler Abuse

Microsoft Windows XP - HCP URI Handler Abuse source: https://www.securityfocus.com/bid/5478/info Microsoft Internet Explorer on Windows XP comes equipped with a protocol handler for the 'Help and Support Center' application. The protocol handler may be specified in links, and when such a link is...

Reading local files in Netscape 6 and Mozilla (GM#001-NS)

GreyMagic Security Advisory GM001-NS ===================================== By GreyMagic Software, Israel. 30 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm001-ns/. Topic: Reading local files in Netscape 6 and Mozilla. Discovery date: 30 Mar 2002. Affected applications:...

Multiple local files detection issues with OWC in IE (GM#008-IE)

GreyMagic Security Advisory GM008-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm008-ie/. Topic: Multiple local files detection issues with OWC in IE. Discovery date: 25 Feb 2002, 05 Mar 2002...