Inside a Malicious PDF Attack

PDFs are widely used business file format, which makes them a common target for malware attacks. On the surface, PDFs are secure, but because they have so many “features,” hackers have learned how to hide attacks deep under the surface. By using a number of utilities, we are able to reverse...

EMC Networker weak permissions

Weak permissions for executable file...

OpenText FirstClass Client v 11.005 Code Execution

Exploit Title: OpenText FirstClass Client Delayed Code Executiion Date: Discovered 11/16/2010, Contacted OpenText 2/1/11 and 2/7/11, Released 4/11/2011 Author: Kyle Ossinger www.k0ss.net Email: email protected Software Link:...

CVE-2011-0458

CVE-2011-0458 is a local privilege escalation in Google Picasa up to version 3.7 where the vulnerability stems from an untrusted search path in the Locate on Disk feature. An attacker could place a Trojan horse executable in the current working directory to gain privileges when Picasa loads libra...

CVE-2011-0452

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

Design/Logic Flaw

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

CVE-2011-0452

Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

CVE-2011-0450

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file...

Code injection

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file...

Unrestricted file upload

Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm...

CVE-2010-3923

AttacheCase is vulnerable to an untrusted search path leading to privilege escalation via a Trojan horse executable in the current working directory, affecting AttacheCase before v2.70. Multiple sources (NVD entry CVE-2010-3923, Red Hat advisory, JVN entries) confirm the flaw and the fix is to up...

SuSE 11 Security Update : clamav (SAT Patch Number 2298)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

Threat Outbreak Alert: Fake Western Union Money Transfer Transaction Email Messages on October 20, 2014

Medium Alert ID: 21930 First Published: 2010 December 1 13:41 GMT Last Updated: 2014 October 22 11:48 GMT Version: 20 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an attachment with information about a Western Union money transfer...

Design/Logic Flaw

Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3...

Design/Logic Flaw

Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...

CVE-2010-3159

CVE-2010-3159 affects Explzh up to version 5.67, where an unsafe file search path may cause loading of unintended executables (.exe) when extracting files. This could allow an attacker to execute arbitrary code with the application’s privileges. Root cause: insecure executable loading due to how ...

CVE-2010-3160

Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...

CVE-2010-2369

Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...

Code injection

Cisco Secure Desktop CSD, when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file...

New Email Worm Turns Back the Clock on Virus Attacks

There appears to be an actual email worm in circulation right now, using the tried-and-true infection method of sending malicious emails to all of the names in a user’s email address book. As of Friday afternoon, the malicious files had been deleted from the remote server in the UK that was servi...