CVE-2009-2265

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...

CVE-2009-2265

Removed by vendor...

Windows 7 retains Windows Explorer security risk

From InformationWeek Thomas Claburn Windows 7 RC is now available, but Microsoft’s new operating system could use a bit more tinkering to improve security. Specifically, Windows Explorer provides a way to hide a file’s extension. Virus writers use this feature to disguise executable files as...

Hacking tricks of a few over-active Defense method-vulnerability warning-the black bar safety net

Generally the Trojan is added from the start is antivirus software active defense, or 3 6 0 intercept,a few days ago in an online found several registry since the start of the method,the effect is also good,can be considered currently active Defense of a large Dead Space,even of micro-point turne...

CVE-2008-5002

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

Google Chrome Automatic File Download

Google's Chrome BETA allows files e.g. executable files to be automatically downloaded to the user's computer without any user prompt. To check the flaw, open a URL that points to an executable file. nerex...

Novell ZENworks Endpoint Security Management security client privilege escalation

Application launch with SYSTEM privileges by relative path, temporary executable files creatin in user-controlled directory...

CVE-2002-2401

NTVDM.EXE in Windows 2000/NT/XP fails to verify user execution permissions for 16‑bit executables, allowing local users to bypass the loader and run arbitrary programs. Root cause: missing permission verification on 16‑bit file execution. Mitigation/remediation details are not provided in the con...

CVE-2002-2401

NT Virtual DOS Machine NTVDM.EXE in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs...

Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

VISIT ORIGINAL ADVISORY FOR MORE DETAILS http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-upload-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/ ——-Summary—— Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote...

Checkpoint ZoneAlarm multiple privilege escalations

Vsdatant.sys driver multiple IOCTLs buffer overflows. Weak permissions for executable files...

Not dead shellcode-exploit warning-the black bar safety net

HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...

CVE-2007-3021

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition SAV CE 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrary code outside of a restricted environment, which may...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

GDB 6.6 - ProcessCoffSymbol UPX File Buffer Overflow source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrar...

Code injection

Direct static code injection vulnerability in admin/save.php in Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed...

Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions

Vendor: Hewlett-Packard Application: Network Node Manager 7.50 Remote Console under Microsoft Windows XP SP2. Vulnerability: Local Vulnerability Level: High Author: 3APA3A , Impact: privilege escalation of any unprivileged user to Local System or another user's account. Intro: NNM Remote Console ...

FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)

Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...

CVE-2006-4675

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...

CVE-2006-4675

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...