7 matches found
EUVD-2001-0633
Malware in sbrugna...
CVE-2010-3365
Mistelix 0.31 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2018-19352
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely...
CVE-2018-19352
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely...
CVE-2010-3381
The 1 tangerine and 2 tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3386
usttrace in LTTng Userspace Tracer aka UST 0.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2006-5969
CVE-2006-5969 affects fvwm up to 2.5.18 (and earlier variants) with a CRLF injection in the evalFolderLine path used by fvwm-menu-directory. The issue allows local attackers to run arbitrary commands by crafting directory names that trigger the shell, as described for a variant of CVE-2003-1308. ...