Lucene search
K

8691 matches found

CVE
CVE
added 2004/09/01 4:0 a.m.51 views

CVE-2002-1184

The CVE-2002-1184 entry describes that the Windows 2000 system root folder has default Everyone:F permissions and is searched during login or program launch, enabling privilege escalation via Trojan horse programs. Affected software: Microsoft Windows 2000 (system root folder permissions in the s...

4.6CVSS7.2AI score0.01887EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.24 views

CVE-2002-1472

Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LDPRELOAD environment variable that points to a malicious module...

6.5AI score0.00369EPSS
Exploits1References7
CVE
CVE
added 2004/09/01 4:0 a.m.69 views

CVE-2002-1472

CVE-2002-1472 describes an untrusted search path vulnerability in XFree86’s libX11.so used by setuid/setgid programs. A local attacker can leverage a modified LD_PRELOAD to point to a malicious module and gain root privileges; impact is local privilege escalation. The vulnerability is associated ...

7.2CVSS6.5AI score0.00369EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2003/12/31 5:0 a.m.9 views

CVE-2003-1452

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program...

3.6CVSS7.2AI score0.00522EPSS
Exploits1References5
NVD
NVD
added 2003/03/03 5:0 a.m.19 views

CVE-2002-1472

Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LDPRELOAD environment variable that points to a malicious module...

7.2CVSS6.5AI score0.00369EPSS
Exploits1References7
CVE
CVE
added 2001/09/12 4:0 a.m.45 views

CVE-1999-1232

The CVE-1999-1232 entry concerns SGI IRIX 6.2, specifically the day5datacopier component. The vulnerability arises from an untrusted search path: a local user can influence PATH to point to a malicious cp program, enabling arbitrary command execution. Impact is local confidentiality, integrity, a...

7.2CVSS7.9AI score0.00393EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.16 views

CVE-1999-1232

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program...

7.2AI score0.00393EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/04/14 12:0 a.m.23 views

mkpasswd: acutally its worse than just not many passwords

due to a fault in expect the interpreter that runs the mkpasswd script it is trivially easy to cause arbitrary commands to be executed by someone else. under RH7.0 anyway the search path for libs for it includes /var/tmp/ check out http://bugzilla.redhat.com/bugzilla/showbug.cgi?id=28224 for...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2000/09/18 12:0 a.m.20 views

Microsoft Windows NT 4.02000 - DLL Search Path

Microsoft Windows NT 4.02000 - DLL Search Path source: https://www.securityfocus.com/bid/1699/info When a program executes under Microsoft Windows, it may require additional code stored in DLL library files. These files are dynamically located at run time, and loaded if necessary. A weakness exis...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2000/09/18 12:0 a.m.23 views

Microsoft Windows NT 4.0/2000 - DLL Search Path

source: https://www.securityfocus.com/bid/1699/info When a program executes under Microsoft Windows, it may require additional code stored in DLL library files. These files are dynamically located at run time, and loaded if necessary. A weakness exists in the algorithm used to locate these files...

7.4AI score
Exploits0
NVD
NVD
added 1997/05/16 4:0 a.m.12 views

CVE-1999-1232

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program...

7.2CVSS0.00393EPSS
Exploits0References3
Rows per page
Query Builder