CVE-2010-3159

CVE-2010-3159 affects Explzh up to version 5.67, where an unsafe file search path may cause loading of unintended executables (.exe) when extracting files. This could allow an attacker to execute arbitrary code with the application’s privileges. Root cause: insecure executable loading due to how ...

CVE-2010-2369

Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...

Code injection

Cisco Secure Desktop CSD, when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file...

New Email Worm Turns Back the Clock on Virus Attacks

There appears to be an actual email worm in circulation right now, using the tried-and-true infection method of sending malicious emails to all of the names in a user’s email address book. As of Friday afternoon, the malicious files had been deleted from the remote server in the UK that was servi...

Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions

Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions // source: https://www.securityfocus.com/bid/42737/info Bloodshed Dev-C++ is prone to a vulnerability that lets attackers execute arbitrary code. This issue affects 'make.exe' and 'minw32-make.exe'. An attacker can exploit...

Microsoft Outlook AttachMethods Remote Code Execution (MS10-045; CVE-2010-0266)

Microsoft Outlook is an e-mail application and a personal information manager. A remote code execution vulnerability has been reported in the way that Microsoft Office Outlook tries to verify attachments in a specially crafted e-mail message. The vulnerability is due to an error in Microsoft Offi...

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories

Double-clicking a link can unexpectedly run a program from the Internet – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Moderately severe Description When a user clicks a link on a Web page that points to an executable file, Opera will show a download dialog to allow the user to...

CVE-2010-2336

index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter...

CVE-2010-2199

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to...

Design/Logic Flaw

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2010-2059

lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2005-4889

lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid or 2 setgid file, a related issue to CVE-2010-2059...

CVE-2005-4889

The CVE-2005-4889 issue affects RPM before 4.4.3, where lib/fsm.c fails to reset executable file metadata during removal, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (setuid/setgid) file. This is related to CVE-2010-2059. Impact is local privilege e...

CVE-2010-2199

CVE-2010-2199 concerns lib/fsm.c in RPM 4.8.0 and earlier, which does not properly reset executable file metadata during upgrade or removal. This can allow local users to bypass access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL (related to CVE-2010-2059). The p...

CVE-2010-2059

CVE-2010-2059 affects RPM package manager: lib/fsm.c in RPM 4.8.0 and, per the description, unspecified 4.7.x and 4.6.x, and RPM before 4.4.3, may fail to reset executable file metadata during upgrade, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (se...

CVE-2005-4889

lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid or 2 setgid file, a related issue to CVE-2010-2059...

CVE-2010-2199

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to...

SuSE9 Security Update : clamav (YOU Patch Number 12610)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...