221 matches found
Potential Internet Explorer Security Risk
Potential Security Risk with Internet Explorer This was tested on version: 5.00.2614.3500 with Windows 98 SE 4.10.2222A. I was playing with Favorites and added a favorite with the name of 'www.dsakfjhasdfj.com' and set it to point to the address 'c:command.com'. dont include the '' characters...
CVE-2001-0424
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id...
CVE-2001-0370
fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters...
CVE-2001-0424
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id...
CVE-2000-1123
CVE-2000-1123 involves a buffer overflow in the pioout command on IBM AIX 4.3.x and earlier. The root cause is a vulnerable buffer handling in pioout, allowing local users to execute arbitrary commands with privileges on affected systems. Documents confirm the affected product as IBM AIX 4.3.x an...
CVE-2001-0111
CVE-2001-0111 : The vulnerability affects the splitvt utility (before 1.6.5). It is a format-string flaw that can allow a local attacker to run arbitrary commands via the -rcfile argument. Debian’s DSA-014-2 describes a buffer overflow/format-string attack with root access risk; remediation is up...
CVE-2001-0115
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter...
Sendfile 1.x2.1 - Forced Privilege Lowering Failure
Sendfile 1.x2.1 - Forced Privilege Lowering Failure source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction...
Sendfile 1.x2.1 - Local Privileged Arbitrary Command Execution
Sendfile 1.x2.1 - Local Privileged Arbitrary Command Execution source: https://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified...
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction with other problems found in the daemon, it may be...
CVE-2001-0112
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands...
CVE-2000-1089
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability...
CVE-2000-1004
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters...
CVE-2000-1089
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability...
CVE-2000-1163
ghostscript before 5.10-16 uses an empty LDRUNPATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript...
CVE-2000-0963
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFODIRS...
CVE-2000-0918
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters...
CVE-2000-0918
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters...
CVE-2000-0595
libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory...
CVE-2000-0340
Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable...