JVN#27868039: GVim may insecurely load dynamic libraries

GVim is a text editor. GVim loads certain DLL's when TXT files are opened. GVim contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update the...

Sleipnir and Grani may insecurely load dynamic libraries

Overview Sleipnir and Grani may use unsafe methods for determining how to load DLLs. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurel...

JVN#50610528: Sleipnir and Grani may insecurely load dynamic libraries

Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the...

JVN#48097065: TeraPad may insecurely load dynamic libraries

TeraPad is a text editor. TeraPad loads certain DLL's when TXT files are opened. TeraPad contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update...

Lhaplus may insecurely load dynamic libraries

Overview Lhaplus may use unsafe methods for determining how to load DLLs. Lhaplus is a file compression/extraction software supporting multiple file formats. Lhaplus loads certain DLL's when files are extracted. Lhaplus contains an issue with the DLL search path, which may lead to insecurely...

JVN#82752978: Lhaplus may insecurely load dynamic libraries

Lhaplus is a file compression/extraction software supporting multiple file formats. Lhaplus loads certain DLL's when files are extracted. Lhaplus contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with...

Qt Creator code execution

Dynamic libraries are loaded with relative path...

US-CERT Technical Cyber Security Alert TA10-238A -- Microsoft Windows Insecurely Loads Dynamic Libraries

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-238A Microsoft Windows Insecurely Loads Dynamic Libraries Original release date: August 26, 2010 Last revised: -- Source: US-CERT Systems Affected Any application running on the Microsoft...

Novell Privileged User Manager code execution

It's possible to load dynamic libraries including ones from network shares by user's request...

Apple MacOS X Xcode OpenBase SQL privilege escalation

On executing tar from suid root application TAROPTIONS environment variable is not unset, making it possible to execute any application with root privileges. External application are executed with relative path. Dynamic libraries are loaded with relative path. Symbolic links problem...

Design/Logic Flaw

The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle...

CVE-2006-1442

The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle...

CVE-2006-1442

The CVE-2006-1442 issue affects Apple Mac OS X (CoreFoundation) where the bundle API loads dynamic libraries even if not requested by the client, enabling potential execution of arbitrary code from an untrusted bundle. Affected versions specified in the record are Mac OS X 10.3.9 and 10.4.6. The ...

CVE-2006-1442

The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle...

SUSE Linux privilege escalation

Multiple packages are erroneously compiled in a way dynamic libraries are loaded from current directory...

NView / XNView multimedia viewer / browser privilege escalation

Dynamic libraries from current directory are loaded on startup...

VMWare virtual machine privilege escalation

Dynamic libraries are searched in world writable directory...