LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation

LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation var sofa = "..\..\..\..\..\..\..\..\..\Documents and Settings\All Users\Start Menu\Programs\Startup\thedoctorisin.hta"; var king = "Oh noz, Look what DrIDE did... var x=new ActiveXObject"WScript.Shell";...

LiquidXML Studio 2010 ActiveX Remote 0-day

Exploit for windows platform in category local exploits var sofa = "..\..\..\..\..\..\..\..\..\Documents and Settings\All Users\Start Menu\Programs\Startup\thedoctorisin.hta"; var king = "Oh noz, Look what DrIDE did... var x=new ActiveXObject"WScript.Shell"; x.Exec"CALC.EXE"; ";...

LiquidXML Studio 2012 Active-X File Creation

var sofa = "..\..\..\..\..\..\..\..\..\Documents and Settings\All Users\Start Menu\Programs\Startup\thedoctorisin.hta"; var king = "Oh noz, Look what DrIDE did... var x=new ActiveXObject"WScript.Shell"; x.Exec"CALC.EXE"; "; target.OpenFilesofa,1; target.AppendStringking; LiquidXML...

File Attachment persistent XSS

There is a persistent XSS vulnerability in the attachment download functionality of Confluence. By uploading a malicious executable file type like SVG scalable vector graphics with embedded JavaScript, it’s possible for an attacker to execute arbitrary code under the context of the logged in user...

Design/Logic Flaw

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

Smartfren Connex EC 1261-2 UI OUC - Local Privilege Escalation

========================================================================== Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability ==========================================================================...

Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits ========================================================================== Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability ==========================================================================...

New PDF Attack Targets Aviation Defense Industry

FireEye reported today it had detected a new critical PDF attack targeting the aviation defense industry. Malware Page exploits a stack-based buffer overflow vulnerability in Adobe Acrobat and Adobe Reader. An attacker would be able to execute code remotely via a crafted argument to the getIcon...

CVE-2012-3974

Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory...

CVE-2012-3974

Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory...

Code injection

Tunnelblick 3.3beta20 and earlier relies on argv0 to determine the name of an appropriate 1 kernel module pathname or 2 executable file pathname, which allows local users to gain privileges via an execl system call...

CVE-2012-3485

CVE-2012-3485 affects Tunnelblick 3.3beta20 and earlier. The root cause is that the launcher relies on argv[0] to determine the name of an appropriate kernel module or executable pathname, enabling a local attacker to gain privileges via an execl system call. Public references and connected docum...

Scientific Linux Security Update : kernel on SL3.x i386/x86_64

A flaw was found in the handling of process death signals. This allowed a local user to send arbitrary signals to the suid-process executed by that user. A successful exploitation of this flaw depends on the structure of the suid-program and its signal handling. CVE-2007-3848, Important A flaw wa...

CVE-2012-1894

Microsoft Office for Mac 2011 uses world-writable permissions for the "Applications/Microsoft Office 2011/" directory and certain other directories, which allows local users to gain privileges by placing a Trojan horse executable file in one of these directories, aka "Office for Mac Improper Fold...

Threat Outbreak Alert: Fake DHL Express Tracking Notification Email Messages on February 3, 2014

Medium Alert ID: 26262 First Published: 2012 June 27 20:46 GMT Last Updated: 2014 February 4 13:56 GMT Version: 26 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a DHL Express tracking notification for the recipient. The text in the...

Linux 3.x.x Executable File Read Exploit

Exploit for linux platform in category local exploits Exploit Title: Linux 3.x.x Executable File Read Exploit Date: 6/26/12 Author: Blade Version: 3.x.x Category:: Local Root Exploit Tested on: Linux, Ubuntu Demo site: 3 vulnerable site, this will speed up check !/bin/sh 3.x.x local root exp By:...

CVE-2012-2040

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe...

CVE-2012-2273

Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service system crash via a crafted 32-bit Portable Executable PE file with a kernel ImageBase value...

CVE-2012-2123

The capbprmsetcreds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities aka fcaps for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted applicatio...

ALFTP Insecure Executable File Loading Vulnerability

This host is installed with ALFTP and is prone to insecure executable file loading vulnerability. OpenVAS Vulnerability Test $Id: secpodalftpinsecureexecfileloadvuln.nasl 6018 2017-04-24 09:02:24Z teissa $ ALFTP Insecure Executable File Loading Vulnerability Authors: Madhuri D Copyright: Copyrigh...