565 matches found
UBUNTU-CVE-2013-2111
The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...
ElasticSearch Remote Code Execution Exploit
Exploit for multiple platform in category web applications body padding-top: 50px; .starter-template padding: 40px 15px; text-align: center; function esinject var readfile; var writefile; readfile = functionfilename return "import java.util.;\nimport java.io.;\nnew Scannernew File"" + filename +...
CVE-2013-6955 Synology DSM remote code execution
Products Affected By CVE-2013-6955 Diskstation Manager 4.0 4.2 4.3 4.3-3810 Vendor: Synology Status: Patched webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary...
HP-UX rlpdaemon Local .rhosts Append
!/opt/perl5/bin/perl -w HP-UX rlpdaemon local exploit Bulletin HPSBUX0111-176 November 2001 For use only on machines where you have legitimate root. This attempts to add junk including "localhost +" to /.rhosts. Obvious variants could include /etc/passwd. use IO::Socket; $PORT = 9000; pick...
CVE-2013-2913
CVE-2013-2913 is a use-after-free in Blink’s XMLDocumentParser::append within Chromium-based browsers (Chrome/Chromium 30 era). The flaw in XML document parsing can lead to denial of service or other unspecified impact. Public references in the initial description indicate the issue affected Chro...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
CVE-2011-1679
ncpfs 2.2.6 and earlier attempts to use 1 ncpmount to append to the /etc/mtab file and 2 ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small...
CVE-2011-0017
The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...
Alt-N WebAdmin Source Code Disclosure
Vulnerable: v3.3.3 Vendor: www.altn.com Category: Environment Error Vulnerable ======== Alt-N WebAdmin 3.3.3 U-Mail for Windows V9.8 U-Mail GateWay for Windows V9.8 Details: ========= A source code disclosure vulnerability exists with Alt-N WebAdmin Server. Remote attacker can be exploited to...
Firefox race condition flaw (MFSA 2010-73)
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...
Firefox race condition flaw (MFSA 2010-73)
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...
Firefox race condition flaw (MFSA 2010-73)
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...
Firefox race condition flaw (MFSA 2010-73)
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...
CVE-2010-2537
The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...
CVE-2010-2537
The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...
CVE-2010-2537
The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...
PT-2010-4090 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: The issue allows local users to overwrite an append-only file. This can be achieved via a BTRFS IOC CLONE or BTRFS IOC CLONE RANGE ioctl call that specifies the append-only file as a donor...
Design/Logic Flaw
The mextcheckarguments function in fs/ext4/moveextent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVEEXT ioctl call that specifies this file as a donor...