Lucene search
K

159 matches found

Positive Technologies
Positive Technologies
added 2012/10/11 12:0 a.m.5 views

PT-2012-5963 · Microsoft +1 · Windows 8 +4

Name of the Vulnerable Software and Affected Versions: PHP version 5.3.17 Description: The issue is related to an untrusted search path vulnerability in the installation functionality of PHP. This vulnerability might allow local users to gain privileges via a Trojan horse DLL in the C:PHP...

6CVSS7AI score0.00854EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2011/10/24 12:0 a.m.38 views

CVE-2011-3628

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

6.9CVSS5.9AI score0.00383EPSS
Exploits0References2
OSV
OSV
added 2010/11/06 12:0 a.m.5 views

UBUNTU-CVE-2010-4001

DISPUTED GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to th...

4.6CVSS5.8AI score0.00345EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2010/10/21 7:0 p.m.34 views

CVE-2010-4039

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors...

9.8CVSS7.2AI score0.01324EPSS
Exploits0References1
CVE
CVE
added 2010/10/21 6:12 p.m.53 views

CVE-2010-4039

CVE-2010-4039 affects Google Chrome on Linux prior to 7.0.517.41 where the process fails to properly set the PATH environment variable. The description does not specify the exact impact or attack vectors; vulnerability details are limited to this PATH handling issue. Open-source/ANSI references i...

9.8CVSS9.2AI score0.01324EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2010/10/21 6:12 p.m.30 views

CVE-2010-4039

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors...

9.4AI score0.01324EPSS
Exploits0References6
Prion
Prion
added 2010/08/02 9:0 p.m.14 views

Design/Logic Flaw

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the 1 route, 2 mv, and 3 cp programs, a different vulnerability than CVE-2010-1671...

7.2CVSS6.7AI score0.0038EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2010/08/02 8:0 p.m.23 views

CVE-2010-2929

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the 1 route, 2 mv, and 3 cp programs, a different vulnerability than CVE-2010-1671...

6.2AI score0.0038EPSS
Exploits0References4
CVE
CVE
added 2010/08/02 8:0 p.m.39 views

CVE-2010-2929

The CVE-2010-2929 entry identifies an untrusted search path vulnerability in hsolinkcontrol (part of hsolink 1.0.118). The underlying issue is a modified PATH environment variable that is used when executing the programs route, mv, and cp, enabling local users to gain privileges through PATH mani...

7.2CVSS6.5AI score0.0038EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2010/05/19 12:0 a.m.17 views

NetBSD 5.0 Hack PATH Environment Overflow

!/bin/sh NetBSD 5.0 and below Hack PATH Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.unix.c It is a basic strcpy stack overflow. Such overflows are hard to exploit in NetBSD. If you can exploit it successfully feel free to...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2010/05/18 12:0 a.m.25 views

NetBSD 5.0 - Hack PATH Environment Overflow (PoC)

!/bin/sh NetBSD 5.0 and below Hack PATH Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.unix.c It is a basic strcpy stack overflow. Such overflows are hard to exploit in NetBSD. If you can exploit it successfully feel free to...

7AI score
Exploits0
FreeBSD
FreeBSD
added 2010/04/09 12:0 a.m.46 views

sudo -- Privilege escalation with sudoedit

Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...

6.9CVSS6.7AI score0.00402EPSS
Exploits2References2
seebug.org
seebug.org
added 2008/08/03 12:0 a.m.40 views

SAP MaxDB dbmsrv 进程PATH环境变量本地权限提升漏洞

BUGTRAQ ID: 30474 CVECAN ID: CVE-2008-1810 MaxDB是SAP应用中广泛使用的数据库管理系统。 当本地用户运行dbmcli程序时,MaxDB会代表用户执行dbmsrv进程。该进程负责执行用户命令,以sdba组的sdb用户权限运行。由于没有正确地过滤PATH环境变量,如果在变量前添加了攻击者所控制的路径的话,就可能导致以sdb:sdba权限执行任意指令。 SAP MaxDB 7.6.03.15 SAP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.sap.com/...

4.4CVSS6.5AI score0.00337EPSS
Exploits1
NVD
NVD
added 2008/08/01 2:41 p.m.23 views

CVE-2008-1810

Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable...

4.4CVSS6.5AI score0.00337EPSS
Exploits1References6
Cvelist
Cvelist
added 2008/04/09 7:0 p.m.26 views

CVE-2008-1710

Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable...

6.3AI score0.00333EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/10/23 1:0 a.m.16 views

CVE-2003-1452

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program...

7.2AI score0.00522EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/10/17 1:0 a.m.23 views

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program...

6.8AI score0.00954EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2007/05/10 12:0 a.m.24 views

Debian DSA-1287-1 : ldap-account-manager - multiple vulnerabilities

Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 sarge. - CVE-2006-7191 An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PA...

7.2CVSS5.7AI score0.01321EPSS
Exploits0References6
securityvulns
securityvulns
added 2007/01/22 12:0 a.m.45 views

MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability

Summary Apple provides the following description in the The Preference Application documentation: System Preferences is the standard location for presenting system-level preferences on OSX. The preference panes shipped with Mac OS X include panes affecting hardware such as the Sound, Mouse, and...

6.7AI score
Exploits0
NVD
NVD
added 2006/05/04 12:38 p.m.16 views

CVE-2006-2183

Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command...

7.2CVSS7.4AI score0.00573EPSS
Exploits1References6
Rows per page
Query Builder