1075 matches found
WebKit XML External Entity Information Disclosure Vulnerability
Exploit for unknown platform in category remote exploits =============================================================== WebKit XML External Entity Information Disclosure Vulnerability =============================================================== Title: WebKit XML External Entity Information...
EPSON Status Monitor 3 Privilege Escalation
------- EPSON Status Monitor 3 local privilege escalation vulnerability -------- by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ -------------------------------------------------------------------------------- After that pyrokinesis found:...
Running CMD.EXE as Local System-vulnerability warning-the black bar safety net
Author: zerosoul Before the evil eight to see the admin Account you can use plan the task execution program to obtain SYSTEM privileges. Then yesterday saw someone Blog on a tool, saying that anyone perform can be give SYSTEM permissions to the CMD. I think he said that may is the permission to...
Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability
eXPert PDF Viewer ActiveX is prone to an ActiveX Control based file overwrite vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Altiris Deployment Solution Agent < 6.9.355 Local Privilege Escalation (SYM08-019)
The version of the Altiris Deployment Solution Agent installed on the remote host is affected by a local privilege escalation issue. Successful exploitation of this issue could allow an authorized non-privileged user to gain local system access on the client system. C Tenable Network Security, In...
CVE-2008-5015
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has...
CVE-2008-5015
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has...
Insomnia : ISVA-081020.1 - Altiris Deployment Server Agent - Privilege Escalation
Insomnia Security Vulnerability Advisory: ISVA-081020.1 Name: Altiris Deployment Server Agent - Privilege Escalation Released: 20 October 2008 Vendor Link: http://www.altiris.com/ Affected Products: Altiris Deployment Server 6.X Original Advisory:...
Webmin OS command injection vulnerability
Overview Webmin, a web-based system management tool, contains a vulnerability that allows an unauthorized Webmin user to execute OS commands. Webmin is a web-based system management tool. Webmin for Windows contains a vulnerability that allows an unauthorized Webmin user to execute OS commands by...
Virus Security heap overflow vulnerability
Overview SourceNext Virus Security has a problem in the email processing. It is affected by a heap overflow vulnerability when receiving specially crafted emails. Impact A remote attacker may cause a denial of service and execute arbitrary code with the Local System privilege. Solution None...
SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability
No description provided by source. Name SugarCRM – Local File Disclosure SugarCRM http://www.sugarcrm.com/docs/ReleaseNotes/OpenSourceReleaseNotes4.5.1j/ Advisories SugarReleaseNotes4.5.1j.2.6.html Bug 20522 http://dl.sugarforge.org/sugarcrm/SugarCE5.0Latest/SugarCE5.0.0/...
McAfee E-Business Server Authentication Packet Remote Overflow
McAfee E-Business Server, an enterprise tool for digitally encrypting and signing electronic files, is installed on the remote host. The version of this software installed on the remote host fails to properly handle over-sized authentication packets sent to its administration interface, generally...
Symantec Mail Security for SMTP File Parsing Vulnerabilities
Symantec Mail Security for SMTP, which provides anti-spam and anti- virus protection for the IIS SMTP Service, is installed on the remote Windows host. The version of Symantec Mail Security for SMTP installed on the remote host reportedly is affected by multiple vulnerabilities caused by buffer...
Tencent QQ scene vulnerability to the hack of the law-vulnerability and early warning-the black bar safety net
According to analysys international released the 2 0 0 7 in the first 2 quarters of China im market quarterly monitoring report shows, Chinese active IM software account has reached 3. 7 6 million, which has 2. 9 million active user accounts for Tencent QQ is well deserved IM the king. But did yo...
Hexamail Server pop3 Service USER Command Remote Overflow (credentialed check)
According to its version, the installation of Hexamail on the remote host is affected by a buffer overflow in its POP3 service component that can be exploited by an unauthenticated, remote attacker to crash the service or to execute arbitrary code on the affected host with LOCAL SYSTEM privileges...
Local privilege escalation vulnerability in Cisco VPN client
======= Summary ======= Name: Permissively-ACLed cvpnd.exe allows interactive users to run arbitrary binaries with Local System Privileges Release Date: 16 August 2007 Reference: NGS00503 Discover: Dominic Beecher [email protected] Vendor: Cisco Vendor Reference: cisco-sa-20070815-vpnclient...
Design/Logic Flaw
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...
CVE-2007-4380
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...
Debian DSA-1327-1 : gsambad - insecure temporary files
Steve Kemp from the Debian Security Audit project discovered that gsambad, a GTK+ configuration tool for samba, uses temporary files in an unsafe manner which may be exploited to truncate arbitrary files from the local system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
DSA-1327-1 gsambad - insecure temporary files
Bulletin has no description...