Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions

Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions // source: https://www.securityfocus.com/bid/42737/info Bloodshed Dev-C++ is prone to a vulnerability that lets attackers execute arbitrary code. This issue affects 'make.exe' and 'minw32-make.exe'. An attacker can exploit...

Microsoft Outlook AttachMethods Remote Code Execution (MS10-045; CVE-2010-0266)

Microsoft Outlook is an e-mail application and a personal information manager. A remote code execution vulnerability has been reported in the way that Microsoft Office Outlook tries to verify attachments in a specially crafted e-mail message. The vulnerability is due to an error in Microsoft Offi...

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Moderately severe Description When a user clicks a link on a Web page that points to an executable file, Opera will show a download dialog to allow the user to...

CVE-2010-2336

index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter...

CVE-2010-2199

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to...

Design/Logic Flaw

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2010-2059

lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2005-4889

lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid or 2 setgid file, a related issue to CVE-2010-2059...

CVE-2010-2199

CVE-2010-2199 concerns lib/fsm.c in RPM 4.8.0 and earlier, which does not properly reset executable file metadata during upgrade or removal. This can allow local users to bypass access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL (related to CVE-2010-2059). The p...

CVE-2010-2059

CVE-2010-2059 affects RPM package manager: lib/fsm.c in RPM 4.8.0 and, per the description, unspecified 4.7.x and 4.6.x, and RPM before 4.4.3, may fail to reset executable file metadata during upgrade, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (se...

CVE-2010-2199

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to...

CVE-2005-4889

The CVE-2005-4889 issue affects RPM before 4.4.3, where lib/fsm.c fails to reset executable file metadata during removal, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (setuid/setgid) file. This is related to CVE-2010-2059. Impact is local privilege e...

CVE-2005-4889

lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid or 2 setgid file, a related issue to CVE-2010-2059...

SuSE9 Security Update : clamav (YOU Patch Number 12610)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

sudo protection bypass

when a pseudocommand is enabled, it's possible to created an executable file with the same name, it will be executed by relative name with escalated privileges...

Mandriva Update for sudo MDVSA-2010:049 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:049 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Linux Security Advisory : sudo (MDVSA-2010:049)

A vulnerability has been found and corrected in sudo : sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain...

CVE-2010-0426

CVE-2010-0426 affects sudo 1.6.x < 1.6.9p21 and 1.7.x