CVE-2011-4337

Static code injection vulnerability in translate.php in Support Incident Tracker aka SiT! 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable...

Code injection

Static code injection vulnerability in translate.php in Support Incident Tracker aka SiT! 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable...

Unrestricted file upload

Unrestricted file upload vulnerability in incidentattachments.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a...

CVE-2011-5069

Unrestricted file upload vulnerability in incidentattachments.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a...

Buffer overflow

Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...

Design/Logic Flaw

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

Immunity Canvas: MS12_005

Name| ms12005 ---|--- CVE| CVE-2012-0013 Exploit Pack| CANVAS Description| MS12-005: MS Office 2007-2010 Shell Object Packager file extension bypass Notes| Repeatability: Infinite Notes: The issue we exploit here was fixed silently alongside the ClickOnce issues in the MS12-005 patch but allows f...

CVE-2012-0009

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009)

A remote code execution has ben reported in Microsoft Windows...

Unrestricted file upload

Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for WordPress allow remote attackers to execute arbitrary code by uploading a file with an executable extension using 1 uploadify/uploadadminavatar.php or 2 uploadify/uploadprofileavatar.php, then accessi...

Unrestricted file upload

Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory...

CVE-2011-3666

Based on the Connected documents, CVE-2011-3666 is tied to Mozilla Firefox and Thunderbird on Mac OS X where a fix for CVE-2011-2372 was incorrectly applied, allowing a user-assisted bypass related to executable handling of .jar-like files via crafted web content. The Nessus/OpenSSH-related advis...

Unix Command Shell, Bind TCP (via Ruby) IPv6

Continually listen for a connection and spawn a command shell via Ruby This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 142 include Msf::Payload::Single include...

CVE-2011-4266

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

Design/Logic Flaw

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

CVE-2011-4266

CVE-2011-4266 affects FFFTP prior to version 1.98d, via an untrusted search path that lets local users gain privileges using a Trojan horse executable in the same directory read to load an extensionless file (demonstrated with README.exe). The vulnerability is rooted in unsafe loading of executab...

CVE-2011-4266

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

FFFTP may insecurely load executable files

Overview FFFTP may use unsafe methods for determining how to load executables .exe FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Fumihiko Sano reported this vulnerability to IPA. JPCERT/CC...

JVN#94002296: FFFTP may insecurely load executable files

FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest versio...

Трояним эльфов

Трояним эльфов Задача: Вставить в elf-файл возможность, при указании пароля, запуска произвольных команд. Размер и функционал исходного elf-файла остаются неизменными. Часть 1. Трояним /bin/su из BackTrack 5 R1 x86 образ VMWare BT5R1-GNOME-VM-32.7z 1. ELF и его анатомия в контексте используемой...