1024 matches found
CVE-2014-2383 - Arbitrary file read in dompdf
Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 partial fix Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is present on dompdf.php file that allows remote or local...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
DEBIAN-CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
UBUNTU-CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
PT-2014-4669 · Dompdf · Dompdf
Name of the Vulnerable Software and Affected Versions: dompdf versions prior to 0.6.1 Description: The issue allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input file parameter. This can be demonstrated by using a...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
dompdf 0.6.0 Arbitrary File Read Vulnerability
Exploit for php platform in category web applications Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 partial fix Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is...
DEBIAN-CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
Design/Logic Flaw
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The CVE-2011-4099 issue affects the capsh program in libcap prior to version 2.22, where the current working directory is not changed when --chroot is used, enabling local users to bypass chroot restrictions. Affected component: libcap (capsh utility). Root cause: chroot handling does not chdir t...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
stunnel: Arbitrary code execution
Background The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server. Description A buffer overflow vulnerability has been discovered in stunnel. Please review the CVE identifier referenced below for details. Impact A remote attacker could...
Juniper Junos J-Web - Privilege Escalation Vulnerability
Exploit for php platform in category web applications Sense of Security - Security Advisory Release Date. 10-Sep-2013 Last Update. - Vendor Notification Date. 27-Sep-2012 Product. Juniper Junos J-Web Platform. Junos Affected versions. All builds prior to 2013-02-28 are affected Severity Rating...
Juniper Junos J-Web - Privilege Escalation
Juniper Junos J-Web - Privilege Escalation Sense of Security - Security Advisory - SOS-13-003 security advisory Release Date. 10-Sep-2013 Last Update. - Vendor Notification Date. 27-Sep-2012 Product. Juniper Junos J-Web Platform. Junos Affected versions. All builds prior to 2013-02-28 are affecte...
CentOS 4 : vixie-cron (CESA-2005:361)
An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specifie...