CA BrightStor ARCServe Backup LGServer Arbitrary File Upload (CVE-2007-5005; CVE-2008-1329)

Computer Associates BrightStor ARCserve Backup for Laptops and Desktops provides backup and data recovery for remote, mobile and desktop computers. In general, a backup system is comprised of a server and multiple clients, also known as agents. The server establishes, organizes, and controls all ...

Unrestricted file upload

Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/...

CVE-2009-2516

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain...

PT-2009-4923 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from insufficient validation of data sent from user mode, allowing local users to gain privileges via a crafted PE .exe file. This could lead to a NULL pointe...

Millenium MP3 Studio 2.0 Stack Overflow

Vulnerability : .mpf File Local Stack Overflow Exploit SEH + Product : Millenium MP3 Studio + Versions affected : v2.0 + Download : http://www.software112.com/products/mp3-millennium+download.html + Method : seh + Tested on : Windows XP SP2/SP3 En + Written by : dellnull dellnullatgmaildotcom +...

Google Apps mailto uri handler cross-browser remote command execution

No description provided by source. google apps googleapps.url.mailto:// uri handler cross-browser remote command execution exploit Internet Explorer by nine:situations:group::pyrokinesis site: http://retrogod.altervista.org/ software site: http://pack.google.com/intl/it/packinstaller.html tested...

Adobe Photoshop Elements weak service permissions

Weak permissions for AdobeActiveFileMonitor8.0 service allow executable file spoofing...

Unrestricted file upload

Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window...

CVE-2009-3447

Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window...

Stack overflow

Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project .psh file, related to the 1 celln.imagesm.image and 2 celln.sound.file fields...

Proland Software Protector Plus antivirus weak permissions

Executable files have Everyone:Full Control permissions...

CVE-2008-7209

Unrestricted file upload vulnerability in the add2 action in aupload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable extension and using a safe content type such as image/gif, then accessing it via a direct request ...

Code injection

The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions Everyone:Full Control, which allows local users to gain privileges by replacing the executable with a Trojan horse program...

CVE-2009-3108

The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions Everyone:Full Control, which allows local users to gain privileges by replacing the executable with a Trojan horse program...

Unrestricted file upload

Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/...

USN-810-3: NSS regression

USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS e.g. Firefox to have an executable stack. This reduced the effectiveness of some defensive security protections. This update...

Altap Salamander 2.5 PE Viewer Buffer Overflow

This module exploits a buffer overflow in Altap Salamander 'Altap Salamander 2.5 PE Viewer Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Altap Salamander MSFLICENSE, 'Author' = 'aushack' , 'References' = 'CVE', '2007-3314' , 'BID', '24557' , 'OSVDB', '37579' ,...

Unrestricted file upload

Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. NOTE:...

CVE-2008-7029

Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/...

CVE-2008-7052

Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in reimages/...