24 matches found
Photodex ProShow Producer multiple security vulnerabilities
Buffer overflow on .pxs / .pxt files parsing. Privilege escalations via weak executable permissions and incorrect DLL paths...
Code injection
The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions Everyone:Full Control, which allows local users to gain privileges by replacing the executable with a Trojan horse program...
CVE-2009-3108
The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions Everyone:Full Control, which allows local users to gain privileges by replacing the executable with a Trojan horse program...
Group-writable executable in OpenLDAP
OpenLDAP installs the ud binary in $binpath with mode 775 and default group i.e. either you primary gid or the directories gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...