Lucene search
K

182 matches found

securityvulns
securityvulns
added 2009/01/21 12:0 a.m.68 views

US-CERT Technical Cyber Security Alert TA09-020A -- Microsoft Windows Does Not Disable AutoRun Properly

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-020A Microsoft Windows Does Not Disable AutoRun Properly Original release date: January 20, 2009 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows Overview Disabling...

0.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2009/01/21 12:0 a.m.5 views

PT-2009-2915 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows attackers to execute arbitrary code through various means, including inserting CD-ROM or DVD media, connecting a USB or Firewire device, mapping a network drive, ...

7.2CVSS7.2AI score0.06283EPSS
Exploits0References4
myhack58
myhack58
added 2008/12/25 12:0 a.m.16 views

Make the server a reboot infinite loop-bug warning-the black bar safety net

The injection loop Source: Chinese hackers Alliance Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what should I do? Allow administrator to help us resta...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2008/08/01 12:0 a.m.26 views

Citrix Metaframe Privilege escalation

Autorun item path is not fully specified...

3.9AI score
Exploits0References1Affected Software2
Packet Storm
Packet Storm
added 2008/07/10 12:0 a.m.20 views

wefi3330-lfi.txt

================================================== INFO ================================================== The wireless client, WeFi v3.3.3.0 is susceptible to a local information disclosure due to irresponsible coding. Earlier versions may also be affected...

7.4AI score
Exploits0
Prion
Prion
added 2008/03/24 10:44 p.m.27 views

Code injection

Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a 1 CD-ROM device or 2 U3-enabled USB device containing a filesystem with an...

9.3CVSS7.8AI score0.30112EPSS
Exploits0References7
CVE
CVE
added 2008/03/24 10:0 p.m.74 views

CVE-2008-0951

CVE-2008-0951 affects Windows Vista/Server 2008 where NoDriveTypeAutoRun is not properly enforced. The vulnerability allows code execution via (1) CD-ROM AutoRun paths or (2) U3-enabled USB devices containing an Autorun.inf file, with user-assisted remote or physically proximate access. Microsoft...

9.3CVSS7.3AI score0.30112EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2008/03/24 10:0 p.m.42 views

CVE-2008-0951

Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a 1 CD-ROM device or 2 U3-enabled USB device containing a filesystem with an...

7.3AI score0.30112EPSS
Exploits0References7
CERT
CERT
added 2008/03/20 12:0 a.m.51 views

Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value

Overview Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Windows from effectively disabling AutoRun and AutoPlay features. Description AutoRun, which was introduced with Windows 95, is a feature that causes Windows to automatically take an actio...

9.3CVSS7AI score0.30112EPSS
Exploits0References11
myhack58
myhack58
added 2008/01/04 12:0 a.m.51 views

The coolest windows Backdoor-vulnerability warning-the black bar safety net

The back door principle: Go to: small Chapter blog http://blog.csdn.net/scz123/archive/2007/03/14/1528695.aspx In windows 2 0 0 0/xp/vista, press shift key 5 times, you can open the sticky position, 会运行sethc.exe and, in the login interface may also be open. It's reminiscent of a WINDOWS...

7.8AI score
Exploits0
CERT
CERT
added 2006/04/12 12:0 a.m.29 views

SunnComm MediaMax privilege elevation vulnerability

Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...

4.6CVSS7.1AI score0.00468EPSS
Exploits1References7
myhack58
myhack58
added 2006/03/13 12:0 a.m.28 views

Analysis from Autorun. inf file of the attack-vulnerability warning-the black bar safety net

Recently the popular online via the AutoRun. inf file so that the each other all the hard drive completely shared, or in the Trojan horse method, since the AutoRun. inf files in hack technology the application is still very rare, the corresponding data is not much, there are a lot of people feel...

Exploits0
CVE
CVE
added 2005/12/30 11:0 a.m.44 views

CVE-2005-4590

CVE-2005-4590 : Affects Spb Kiosk Engine 1.0.0.1. Local users can bypass restrictions on allowed applications via (1) removable media with an autorun-executing program and (2) applications that invoke other apps, demonstrated by a file: URL for a .exe. Root cause is bypass of application-restrict...

4.6CVSS6.8AI score0.0033EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2002/10/04 4:0 a.m.12 views

CVE-2002-0915

autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file...

2.1CVSS6.3AI score0.00387EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.18 views

CVE-2002-0915

autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file...

6.3AI score0.00387EPSS
Exploits0References3
CVE
CVE
added 2002/08/31 4:0 a.m.43 views

CVE-2002-0915

CVE-2002-0915 affects Xandros-based Linux distributions. A local user can abuse the autorun facility with the -c parameter to cause autorun to print the first line of an arbitrary file. The issue is described as a local-priority information disclosure without remote access. The NVD entry assigns ...

2.1CVSS6.7AI score0.00387EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2002/06/03 12:0 a.m.32 views

xandros-autorun.txt

There is a new debian based distro called Xandros making its way on to the market.I believe the developers from Corel Linux are on board with Xandros. It has at least one public beta and another on the way and I know of at least one OS that uses it as its backend. I got a chance to play on a coup...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2000/02/23 5:0 a.m.24 views

CVE-2000-0155

Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive...

6.6AI score0.03939EPSS
Exploits1References2
CVE
CVE
added 2000/02/23 5:0 a.m.62 views

CVE-2000-0155

CVE-2000-0155 affects Windows NT Autorun: the system executes the autorun.inf file on non-removable media, allowing a local attacker to specify an alternate program to run when other users access a drive. The provided documents describe the vulnerability in terms of its existence and impact (loca...

7.2CVSS7AI score0.03939EPSS
Exploits1References2Affected Software3
NVD
NVD
added 2000/02/18 5:0 a.m.18 views

CVE-2000-0155

Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive...

7.2CVSS6.6AI score0.03939EPSS
Exploits1References2
Rows per page
Query Builder