286 matches found
CVE-2006-2511
CVE-2006-2511 concerns the ActiveX version of FrontRange iHEAT. The vulnerability arises when an authenticated user uploads a file with an extension not associated with an application and selects it via the Open With dialog, potentially allowing execution of arbitrary programs or access to arbitr...
CVE-2006-0015
Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...
Information disclosure
gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1485
gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1485
gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-2711
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to...
CVE-2006-0845
CVE-2006-0845 affects Leif M. Wright's Blog 3.5. The vulnerability arises when an administrator can configure the sendmail path to a malicious pathname, allowing remote authenticated users with admin privileges to execute arbitrary shell commands. The EVULN/SECURITYVULNS records indicate a shell ...
Design/Logic Flaw
GUI display truncation vulnerability in ICQ Inc. formerly Mirabilis ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
CVE-2003-1291
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables...
[SA15907] Mozilla Thunderbird Attachment Spoofing Vulnerability
TITLE: Mozilla Thunderbird Attachment Spoofing Vulnerability SECUNIA ADVISORY ID: SA15907 VERIFY ADVISORY: http://secunia.com/advisories/15907/ CRITICAL: Less critical IMPACT: Spoofing, System access WHERE: From remote SOFTWARE: Mozilla Thunderbird 1.x http://secunia.com/product/4652/ DESCRIPTION...
Ubuntu 4.10 / 5.04 : util-linux vulnerability (USN-184-1)
David Watson discovered that 'umount -r' removed some restrictive mount options like the 'nosuid' flag. If /etc/fstab contains user-mountable removable devices which specify the 'nosuid' flag which is common practice for such devices, a local attacker could exploit this to execute arbitrary...
CVE-2005-2711
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to...
GLSA-200512-17 : scponly: Multiple privilege escalation issues
The remote host is affected by the vulnerability described in GLSA-200512-17 scponly: Multiple privilege escalation issues Max Vozeler discovered that the scponlyc command allows users to chroot into arbitrary directories. Furthermore, Pekka Pessi reported that scponly insufficiently validates...
[EXPL] F-Secure Internet Gatekeeper Local Root (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Open WebMail userstat.pl Arbitrary Command Execution
The target is running at least one instance of Open WebMail in which the userstat.pl component fails to sufficiently validate user input. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
X11 Server Unauthenticated Access
The remote X11 server accepts connections from anywhere. An attacker can connect to it to eavesdrop on the keyboard and mouse events of a user on the remote host. It is even possible for an attacker to grab a screenshot of the remote host or to display arbitrary programs. An attacker can exploit...
CVE-2005-3113
The ActiveX control for NateOn Messenger NateonDownloadManager.ocx allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method...
CVE-2005-3113
CVE-2005-3113 affects NateOn Messenger: the ActiveX control NateonDownloadManager.ocx lets remote attackers set arguments to GotNate.Excute to download and run arbitrary programs. The impact is remote code execution on the vulnerable host; exploitation status and concrete mitigations are not deta...
USN-184-1: umount vulnerability
David Watson discovered that "umount -r" removed some restrictive mount options like the "nosuid" flag. If /etc/fstab contains user-mountable removable devices which specify the "nosuid" flag which is common practice for such devices, a local attacker could exploit this to execute arbitrary...
Opera < 8.02 Multiple Vulnerabilities
The remote host is using Opera, an alternative web browser. The version of Opera installed on the remote host contains several flaws. One involves imaging dragging and could result in cross-site scripting attacks and user file retrieval. A second may let attackers spoof the file extension in the...