6679 matches found
Code injection
The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file...
Unrestricted file upload
Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm...
The wrong executable may be used to display a downloaded file in its folder – Opera Security Advisories
The wrong executable may be used to display a downloaded file in its folder – Opera Security Advisories OPCOM Team | January 28, 2011 Severity Low Affected versions This issue affects Opera for Microsoft Windows. Description Opera’s downloads manager allows users to select a file, and open the...
The wrong executable may be used to display a downloaded file in its folder
Opera's downloads manager allows users to select a file, and open the folder containing that file. This file will be opened using the operating system's file system viewer. In some cases, Opera will use the wrong executable when trying to show the folder view, and that executable may execute code...
Opera < 11.01 Multiple Vulnerabilities
The version of Opera installed on the remote Windows host is earlier than 11.01. Such versions are potentially affected by the following issues : - The Cascading Style Sheets CSS Extensions for XML implementation recognizes links to javascript: URLs in the -o-link property, which could be abused ...
Opera < 11.01 Multiple Vulnerabilities
Binary data 5747.prm...
Unrestricted file upload
Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...
CVE-2010-4353
Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...
CVE-2010-4353
Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...
White House E-Card Scam Part of Larger Zeus-Related Attack !
The simplistic spam campaign that hit around Christmas and purported to be a holiday greeting from the White House not only included a piece of Zeus-related malware that searches hard drives for documents and uploads them to a remote server, but also appears to be connected to a similar attack fr...
White House E-Card Scam Part of Larger Zeus-Related Attack
The simplistic spam campaign that hit around Christmas and purported to be a holiday greeting from the White House not only included a piece of Zeus-related malware that searches hard drives for documents and uploads them to a remote server, but also appears to be connected to a similar attack fr...
Design/Logic Flaw
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
CVE-2010-3923
AttacheCase is vulnerable to an untrusted search path leading to privilege escalation via a Trojan horse executable in the current working directory, affecting AttacheCase before v2.70. Multiple sources (NVD entry CVE-2010-3923, Red Hat advisory, JVN entries) confirm the flaw and the fix is to up...
AttacheCase may insecurely load executable files
Overview AttacheCase may use unsafe methods for determining how to load executables .exe. AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search pat...
JVN#02175694: AttacheCase may insecurely load executable files
AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...
Altap Salamander 2.5 PE Viewer - Local Buffer Overflow (Metasploit)
$Id: altapsalamanderpdb.rb 11353 2010-12-16 20:11:01Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption
This module exploits a memory corruption vulnerability within Microsoft's HTML engine mshtml. When parsing an HTML page containing a specially crafted CSS tag, memory corruption occurs that can lead arbitrary code execution. It seems like Microsoft code inadvertently increments a vtable pointer t...
stuxnet-detect NSE Script
Detects whether a host is infected with the Stuxnet worm . An executable version of the Stuxnet infection will be downloaded if a format for the filename is given on the command line. See also: smb-vuln-ms10-061.nse Script Arguments stuxnet-detect.save Path to save Stuxnet executable under, with ...
The Little Black Book Of Computer Virus by Mark Ludwig
The Little Black Book Of Computer Virus by Mark Ludwig His Little Black Book of Computer Viruses fully describes a sophisticated MS-DOS executable virus --- Download Link : Please say thanks.. Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we po...
Alleged Mega-D Botnet Controller Pleads Not Guilty
The man accused of running the Mega-D spam-spewing botnet has pleaded not guilty to charges that he was using the botnet to send millions of spam messages a day, some of them laden with malware. Oleg Nikolaenko was arraigned in U.S. District Court in Wisconsin on Friday on charges that he violate...