12 matches found
CVE-2023-37243
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible t...
Untrusted Search Path
Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the use of an unprotected C:\Windows\Temp directory to copy and execute binaries. When executed as SYSTEM user, the process uses GetTempPathW which points to this insecure directory, allowing standard users ...
Untrusted Search Path
Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the use of an unprotected C:\Windows\Temp directory to copy and execute binaries. When a bundle runs as the SYSTEM user, it uses GetTempPathW which points to this insecure directory to drop and load multiple...
PT-2023-15623 · Acuant · Acuant Acufill Sdk
Name of the Vulnerable Software and Affected Versions: Acuant AcuFill SDK versions prior to 10.22.02.03 Description: An issue was discovered in the Acuant AcuFill SDK. During installation, an executable file gets executed out of the C:WindowsTemp directory. A standard user can create the path fil...
PT-2022-6663 · Cisco · Cisco Secure Client
Name of the Vulnerable Software and Affected Versions: Cisco Secure Client formerly Cisco AnyConnect Secure Mobility Client versions affected versions not specified Description: A vulnerability in the client update process of Cisco Secure Client Software for Windows could allow a low-privileged,...
CVE-2018-5731
An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the...
Race condition
A race condition in the wmimalwarescan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program...
CVE-2014-2848
CVE-2014-2848 describes a local privilege-escalation flaw in Nessus 5.2.1, caused by a race condition in the wmi_malware_scan.nbin plugin before 201402262215. Attackers could replace the dissolvable agent executable in the Windows Temp directory with a Trojan horse to gain privileges. Connected s...
AOL Instant Messenger 4.x - Arbitrary File Creation
source: https://www.securityfocus.com/bid/4526/info An issue has been reported, which could allow an AIM user to save files to arbitrary locations. Reportedly, this is achievable when a direct connection is made between two AIM users. Files that are sent to a user include an img tag and a data ta...
AOL Instant Messenger 4.x - Arbitrary File Creation
AOL Instant Messenger 4.x - Arbitrary File Creation source: https://www.securityfocus.com/bid/4526/info An issue has been reported, which could allow an AIM user to save files to arbitrary locations. Reportedly, this is achievable when a direct connection is made between two AIM users. Files that...
Microsoft Active Movie Control 1.0 - Filetype
Microsoft Active Movie Control 1.0 - Filetype source: https://www.securityfocus.com/bid/1221/info The Microsoft Active Movie Control a multimedia ActiveX control will download files of any type specified in the control parameters in an HTML document, regardless of whether or not they are a valid...
Microsoft Active Movie Control 1.0 - Filetype
source: https://www.securityfocus.com/bid/1221/info The Microsoft Active Movie Control a multimedia ActiveX control will download files of any type specified in the control parameters in an HTML document, regardless of whether or not they are a valid media type. A hostile website, HTML email or...