649 matches found
CVE-2010-3963
Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, related to the Routing and Remote Access service RRAS and improper copying from user mode to th...
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2436673)
This host is missing a critical security update according to Microsoft Bulletin MS10-098. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
WSN Links SQL Injection Vulnerability
Exploit for php platform in category web applications ===================================== WSN Links SQL Injection Vulnerability ===================================== I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injectio...
Remote file inclusion
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain circumstances involving an application's save panel, which allows user-assisted remote attackers to trigger unintended remote file copying via a crafted share name...
CVE-2010-0537
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain circumstances involving an application's save panel, which allows user-assisted remote attackers to trigger unintended remote file copying via a crafted share name...
CVE-2010-0537
CVE-2010-0537 affects DesktopServices in Mac OS X 10.6 up to 10.6.2. A path-resolution flaw during an application’s save panel could allow a user‑assisted remote attacker to trigger unintended remote file copying via a crafted share name. The Red Hat advisory reiterates the same description. Appl...
Healing hands as easily crack encrypted PDF file-vulnerability warning-the black bar safety net
PDF is a common E-BOOK format, but some PDF files for some reason encrypted, the e-book The print and copy functions shut off, thus using up more trouble, in fact we as long as the PDF file Reader software Acrobat Reader a slight bit of modification, you can cancel the print and copy restrictions...
[Backports-security-announce] Security Update for devscripts
Adam D. Barratt uploaded new packages for devscripts which fixed the following security problems: Debian BTS 507482 When copying files from a remote host for signing, the temporary directory created was named based on the process ID rather than using mktemp. Debian BTS 508111 A call to mktemp use...
Default configuration
The default configuration of Adobe Flash Media Server FMS 3.0 does not enable SWF Verification for 1 RTMPE and 2 RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software...
CVE-2008-4113
The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...
security flaw
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated ...
Untrusted Application or Applet May Move or Copy Arbitrary Files
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier does not properly enforce access restrictions for untrusted 1 applications and 2 applets, which allows user-assisted remote attacke...
Race condition
Multiple race conditions in 1 certain rules and 2 argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb...
CVE-2007-1862
The recallheaders function in modmemcache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information...
CVE-2007-1830
Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying...
DEBIAN-CVE-2006-3812
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links...
vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links...
Kept in purdah who did not know: FU_Rootkit-vulnerability warning-the black bar safety net
I in 2 0 0 4 year 1 1 period of black anti-posted on the gadgets clever to delete the Guest/Administrator accounts on this article, there are a lot of friends asking about tools is how to write, in fact this tool inside most of the code is my copy FURootkit over. Since friends like, these days I'...
PHP-Nuke <= 5.2 Arbitrary File Upload Vulnerability
PHP-Nuke is prone to an arbitrary file upload vulnerability in admin.php. SPDX-FileCopyrightText: 2001 SecurITeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
Low: Red Hat Security Advisory: dump security update
Updated dump packages that address two security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. Dump examines files in a file system, determines which ones need to be backed up, and copies...