NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln

Exploit for unknown platform in category remote exploits ============================================================== NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln ============================================================== vuln.sg Vulnerability Research Advisory NULL FTP...

MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)

The remote version of Windows contains a version of the Windows Shell that contains a vulnerability in the way it handles saved searches. An attacker might use this flaw to trick an administrator to execute a saved search and therefore execute arbitrary commands on his behalf. C Tenable Network...

Mozilla Foundation Security Advisory 2007-27

Mozilla Foundation Security Advisory 2007-27 Title: Unescaped URIs passed to external programs Impact: Critical Announced: July 30, 2007 Reporter: Jesper Johansson Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.6 Thunderbird 2.0.0.6 Thunderbird 1.5.0.13 SeaMonkey 1.1.4...

Windows Shell 中的漏洞可能允许特权提升(MS07-006)

在 Windows Shell 操作系统执行新硬件的检测和登记的方式中存在特权提升漏洞。 授权用户可通过利用此漏洞完全控制系统。 Microsoft Windows XP Service Pack 2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 和 Microsoft Windows Server 2003 Service Pack 1 Microsoft Windows Server 2003（用于基于 Itanium 的系统）和 Microsoft Windows Server...

Hardcoded credentials

The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware."...

CVE-2007-0211

The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware."...

Microsoft Security Bulletin MS07-006 Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)

Microsoft Security Bulletin MS07-006 Vulnerability in Windows Shell Could Allow Elevation of Privilege 928255 Published: February 13, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Elevation of Privilege Maximum Severity Ratin...

MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)

The remote version of Windows contains a version of the Windows Shell that contains a vulnerability in the way it performs detection and registration of new hardware. An authenticated user may exploit this vulnerability to elevate his privileges. Tenable Network Security, Inc. include"compat.inc"...

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

Unchecked Buffer in XP Shell Could Enable System Compromise (329390)

It is possible for a malicious user to mount a buffer overrun attack using windows XP shell. SPDX-FileCopyrightText: 2002 SECNAP Network Security, LLC Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2005-2122

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut .lnk file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem CSRSS, a different vulnerability than...

CVE-2005-2118

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut .lnk file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows...

CVE-2005-2118

Summary (CVE-2005-2118 / CVE-2005-2122) : Both vulnerabilities stem from how Windows Shell handles .lnk shortcut files, enabling remote code execution through crafted shortcuts or properties. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003. The issues differ in the...

CVE-2005-2118

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut .lnk file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows...

Microsoft Security Bulletin MS05-049 Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

Microsoft Security Bulletin MS05-049 Vulnerabilities in Windows Shell Could Allow Remote Code Execution 900725 Published: October 11, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating...

CVE-2005-0063

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host MSHTA, as demonstrated using a...

CVE-2005-0063

The CVE-2005-0063 issue stems from Windows Shell/MSHTA handling of file associations. A remote code execution vulnerability exists when a user opens a specially crafted OLE2 document (e.g., Word) whose CLSID is manipulated to invoke HTML Application Host (MSHTA) to process the file. Exploitation ...

Microsoft Security Bulletin MS05-016 Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

Microsoft Security Bulletin MS05-016 Vulnerability in Windows Shell that Could Allow Remote Code Execution 893086 Issued: April 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

MS05-016: Vulnerability in Windows Shell (893086)

The remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to elevate his privileges and/or execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or into opening a malicious...

Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution 890047 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...