390 matches found
CVE-2013-6660
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site...
Code injection
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site...
CVE-2013-6660
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site...
CVE-2013-6660
Removed by vendor...
Microsoft Antimalware Client Privilege Elevation Vulnerability (2823482)
This host is missing an important security update according to Microsoft Bulletin MS13-034. OpenVAS Vulnerability Test $Id: secpodms13-034.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft Antimalware Client Privilege Elevation Vulnerability 2823482 Authors: Veerendra GG Copyright: Copyright c 2013...
MS13-034: Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)
The remote host is running a version of the Microsoft Antimalware Client that could allow elevation of privilege due to the way that pathnames are used. By successfully exploiting this vulnerability, an attacker could execute arbitrary code and take complete control of an affected system. But the...
CVE-2013-0895
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors...
CVE-2013-0842
Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors...
CVE-2013-0842
Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors...
Design/Logic Flaw
Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors...
CVE-2013-0842
Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors...
CVE-2013-0842
Technical details about CVE-2013-0842 are not publicly provided in the connected documents. Monitor for updates from OpenVAS and GLSA entries; sources reference Chrome vulnerabilities in general but do not provide specifics for this CVE.
CVE-2013-0842
Removed by vendor...
PT-2013-1937 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices with firmware 8.4 Description: The issue is related to improper validation of unspecified input concerning UNC share pathnames, which can be exploited by remote authenticated users to cause a...
Ubuntu: Security Advisory (USN-1312-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for linux-ti-omap4 USN-1304-1
Ubuntu Update for Linux kernel vulnerabilities USN-1304-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13041.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1304-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu Update for linux-ti-omap4 USN-1302-1
Ubuntu Update for Linux kernel vulnerabilities USN-1302-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13021.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1302-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...
DEBIAN-CVE-2011-4675
The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading tilde characters to home-directory pathnames but does not restrict use of these characters in strings received from the network, which might allow remote attackers to conduct absolu...
DEBIAN-CVE-2011-1932
Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . dot characters in a pathname that is used for a file transfer in an Internet game...
fuse: unprivileged user can unmount arbitrary locations via symlink attack
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789...