4529 matches found
[ GLSA 200803-23 ] Website META Language: Insecure temporary file usage
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
GLSA-200803-23 : Website META Language: Insecure temporary file usage
The remote host is affected by the vulnerability described in GLSA-200803-23 Website META Language: Insecure temporary file usage Temporary files are handled insecurely in the files wmlbackend/p1ipp/ipp.src, wmlcontrib/wmg.cgi, and wmlbackend/p3eperl/eperlsys.c, allowing users to overwrite or...
Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of malformed cell comments. When Excel...
CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
DEBIAN-CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
Cross site scripting
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
CVE-2008-0808
Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...
CVE-2008-0808
CVE-2008-0808 is an XSS in Ikiwiki's meta plugin, affecting Ikiwiki before 1.1.47. Exploitation could allow remote script/HTML injection via meta tags. Debian and OSV advisories reference fixed releases and urge upgrading Ikiwiki to patched versions (e.g., Debian etch 1.33.4); no exploit details ...
CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
CVE-2008-0666
Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...
Code injection
Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...
CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
DEBIAN-CVE-2008-0666
Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...
DEBIAN-CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
CVE-2008-0665
CVE-2008-0665 affects Website META Language (WML) 2.0.11, where wml_backend/p1_ipp/ipp.src allows local users to overwrite arbitrary files via a symlink attack on ipp.$$.tmp. The issue is confirmed in multiple advisories (Debian DSA-1492-1/2, Gentoo GLSA-200803-23, Mandriva MDVSA-2008:076, Gentoo...
CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
CVE-2008-0666
Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...