
208 matches found

OpenVAS
added 2011/12/15 12:0 a.m. | 7 views

FFFTP < 1.98d Untrusted Search Path Vulnerability (Dec 2011) - Windows

FFFTP is prone to untrusted search path vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 6.5 AI score | 0.00357 EPSS
Exploits: 0 | References: 4
OpenVAS
added 2011/11/08 12:0 a.m. | 24 views

FFFTP Untrusted Search Path Vulnerability (Windows)

The host is running FFFTP and is prone to untrusted search path vulnerability. OpenVAS Vulnerability Test $Id: gbffftpuntrustedsearchpathvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ FFFTP Untrusted Search Path Vulnerability Windows Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks...

9.3 CVSS | 0.7 AI score | 0.00824 EPSS
Exploits: 0 | References: 4
OpenVAS
added 2011/11/08 12:0 a.m. | 15 views

FFFTP < 1.98b Untrusted Search Path Vulnerability - Windows

FFFTP is prone to untrusted search path vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 6.4 AI score | 0.00824 EPSS
Exploits: 0 | References: 5
Prion
added 2011/08/11 10:55 p.m. | 17 views

Design/Logic Flaw

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787...

7.5 CVSS | 7 AI score | 0.80079 EPSS
Exploits: 18 | References: 3 | Affected Software: 1
d2
added 2011/06/02 7:55 p.m. | 544 views

DSquare Exploit Pack: D2SEC_CISCOANY

Name: d2secciscoany
CVE: CVE-2011-2040
Exploit Pack: D2ExploitPack
Description: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability
Notes: ...

9.3 CVSS | 3.1 AI score | 0.02091 EPSS
Exploits: 2
Cvelist
added 2011/02/25 5:0 p.m. | 12 views

CVE-2011-1036

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System HIPS 8.1, as used in CA Internet Security Suite ISS 2010, allows remote attacker...

6.7 AI score | 0.03817 EPSS
Exploits: 0 | References: 11
NVD
added 2011/01/25 1:0 a.m. | 18 views

CVE-2011-0638

Microsoft Windows does not properly warn the user before enabling additional Human Interface Device HID functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that...

6.9 CVSS | 7.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 4
NVD
added 2011/01/25 1:0 a.m. | 13 views

CVE-2011-0640

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device HID functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a...

6.9 CVSS | 7.1 AI score | 0.0007 EPSS
Exploits: 0 | References: 3
Prion
added 2011/01/25 1:0 a.m. | 18 views

Null pointer dereference

Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device HID functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the...

6.9 CVSS | 7.2 AI score | 0.00056 EPSS
Exploits: 0 | References: 3
Cvelist
added 2011/01/25 12:0 a.m. | 12 views

CVE-2011-0639

Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device HID functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the...

6.8 AI score | 0.00056 EPSS
Exploits: 0 | References: 3
CVE
added 2011/01/25 12:0 a.m. | 52 views

CVE-2011-0639

CVE-2011-0639 affects Apple Mac OS X where enabling HID functionality over USB can be performed without user warning. The embedded issue allows user-assisted attackers to run arbitrary code via crafted USB data, demonstrated by keyboard/mouse data sent by malware on a smartphone connected to the ...

6.9 CVSS | 7 AI score | 0.00056 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Prion
added 2010/10/19 12:0 a.m. | 12 views

Design/Logic Flaw

The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a "...

9.3 CVSS | 7.3 AI score | 0.05823 EPSS
Exploits: 1 | References: 5 | Affected Software: 2
Tenable Nessus
added 2010/04/02 12:0 a.m. | 33 views

Foxit Reader < 3.2.1 Arbitrary Program Execution

The version of Foxit Reader installed on the remote Windows host is prior to 3.2.1. It is, therefore, affected by an arbitrary program execution vulnerability related to certain '/Type /Action /S /Launch' or '/Launch /Action' sequences. An attacker can exploit these, by tricking a user into openi...

9.3 CVSS | 5.9 AI score | 0.04996 EPSS
Exploits: 1 | References: 4
Check Point Advisories
added 2009/12/06 12:0 a.m. | 0 views

Office OCX Multiple ActiveX Controls OpenWebFile Arbitrary Program Execution

Office OCX provides multiple software products that parse various Microsoft Office documents. Some of these products include Word Viewer OCX, Excel Viewer OCX, PowerPoint Viewer OCX, and Office Viewer OCX. These products act as ActiveX document containers to create, open, edit, and print...

7.3 AI score
Exploits: 0
Tenable Nessus
added 2009/07/03 12:0 a.m. | 32 views

Ubuntu 8.04 LTS / 8.10 / 9.04 : nagios2, nagios3 vulnerability (USN-795-1)

It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server. Note that Tenable Network Security has extracted the preceding description block directly from t...

7.5 CVSS | 5.8 AI score | 0.93259 EPSS
Exploits: 14 | References: 2
Symantec
added 2009/04/28 8:0 a.m. | 40 views

Symantec Alert Management System 2 multiple vulnerabilities

SUMMARY The version of Alert Management System 2 AMS2 used by some versions of Symantec System Center, Symantec Antivirus Server, and Symantec AntiVirus Central Quarantine Server contains four vulnerabilities. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec AntiVirus Corporate...

10 CVSS | 1.1 AI score | 0.89615 EPSS
Exploits: 22 | Affected Software: 1
Prion
added 2008/11/01 12:0 a.m. | 10 views

Design/Logic Flaw

Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...

7.2 CVSS | 6.9 AI score | 0.00145 EPSS
Exploits: 0 | References: 8 | Affected Software: 1
Cvelist
added 2008/10/22 9:0 p.m. | 12 views

CVE-2008-4699

Insecure method vulnerability in the ActiveX control PAWWeb11.ocx in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method...

7.4 AI score | 0.3924 EPSS
Exploits: 1 | References: 7
NVD
added 2008/02/05 3:0 a.m. | 7 views

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

7.2 CVSS | 6.8 AI score | 0.00143 EPSS
Exploits: 0 | References: 2
Cvelist
added 2008/02/05 2:0 a.m. | 14 views

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

6.8 AI score | 0.00143 EPSS
Exploits: 0 | References: 2