Microsoft Outlook2000Express 6.0 - Arbitrary Program Execution

Microsoft Outlook2000Express 6.0 - Arbitrary Program Execution source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using...

Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution

source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using Outlook, a temporary object is created in the Internet Explorer cach...

[SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 204-1 [email protected] http://www.debian.org/security/ Martin Schulze December 5th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 158-1] New gaim packages fix arbitrary program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 158-1 [email protected] http://www.debian.org/security/ Martin Schulze August 27th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 158-1] New gaim packages fix arbitrary program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 158-1 [email protected] http://www.debian.org/security/ Martin Schulze August 27th, 2002 http://www.debian.org/security/faq -...

CVE-2002-0532

EMU Webmail allows local users to execute arbitrary programs via a .. dot dot in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters...

CVE-2002-0767

simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges...

CVE-2001-0942

dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLEHOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLEHOME to an alternate directory that contains a malicious version of dbsnmp...

HP Openview NNM6.1 ovactiond bin exploit

Hello, Summery: HP Openview NNM6.1 and earlier running on unix have a problem with the suid bin executable ovactiond. It allows for starting of any program by just sending a trap or event to the station running the daemon. Details: in the trapd.conf the following is defined by default NNM6.1: EVE...

guninski31.txt

Georgi Guninski security advisory 31, 2001 Windows Media Player 7 and IE vulnerability - executing arbitrary programs Systems affected: Windows Media Player 7 and IE Risk: High Date: 1 January 2001 Legal Notice: This Advisory is Copyright c 2000 Georgi Guninski. You may distribute it unmo dified...

Windows Media Player 7 and IE vulnerability - executing arbitrary programs

Georgi Guninski security advisory 31, 2001 Windows Media Player 7 and IE vulnerability - executing arbitrary programs Systems affected: Windows Media Player 7 and IE Risk: High Date: 1 January 2001 Legal Notice: This Advisory is Copyright c 2000 Georgi Guninski. You may distribute it unmodified...

Microsoft Windows Media Player 7.0 - JavaScript URL

Microsoft Windows Media Player 7.0 - JavaScript URL source: https://www.securityfocus.com/bid/2167/info Windows Media Player is an application used for digital audio, and video content viewing. It can be embedded in webpages as an ActiveX control. It is possible to execute a javascript URL from...

OBJECT TYPE="text/html" may allow executing arbitrary programs in IE 5.5

Georgi Guninski security advisory 29, 2000 OBJECT TYPE="text/html" may allow executing arbitrary programs in IE 5.5 Systems affected: IE 5.5 probably 5.x and Outlook/Outlook Express, have not tested Risk: High Date: 23 November 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi Guninski...

guninski23.txt

----- Forwarded message from Georgi Guninski ----- Approved-By: [email protected] Delivered-To: [email protected] Delivered-To: [email protected] X-Mailer: Mozilla 4.75 en Win98; U X-Accept-Language: en Date: Thu, 5 Oct 2000 15:19:28 +0300 Reply-To: Georgi Guninski...

IE 5.5/Outlook security vulnerability - com.ms.activeX.ActiveXComponent allows executing arbitrary programs

Georgi Guninski security advisory 23, 2000 IE 5.5/Outlook security vulnerability - com.ms.activeX.ActiveXComponent allows executing arbitrary programs Systems affected: IE 5.5/Outlook/Outlook Express - probably other versions, have not tested Risk: High Date: 5 October 2000 Legal Notice: This...

Microsoft Virtual Machine 2000310032003300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution

Microsoft Virtual Machine 2000310032003300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute...

Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution

source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsoft Internet Explorer or Outlook. Th...

Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases

Georgi Guninski security advisory 21, 2000 Double clicking on MS Office dpocuments from Windows Explorer may execute arbitrary programs in some cases Systems affected: MS Office 2000, Win98/Win2000 probably other applications Risk: Medium Date: 18 September 2000 Legal Notice: This Advisory is...

MS Word and MS Access vulnerability - executing arbitrary programs, may be exploited by IE/Outlook

Georgi Guninski security advisory 17, 2000 MS Word and MS Access vulnerability - executing arbitrary programs, may be exploited by IE/Outlook Systems affected: MS Word and MS Access 2000 with or without Service Release 1a IE and Outlook may be also used, but are not needed / Windows 98 - almost...

Corel Linux OS 1.0 - get_it PATH

Corel Linux OS 1.0 - getit PATH source: https://www.securityfocus.com/bid/928/info A component of the "Corel Update" utility distributed with Corel's Linux OS is vulnerable to a local PATH vulnerability. The binary "getit", which is stored in /usr/X11R6/bin, is setuid root installed by default on...