Vulnerability in Opera’s use of kfmclient – Opera Security Advisories

Vulnerability in Opera’s use of kfmclient – Opera Security Advisories OPCOM Team | February 9, 2007 Severity: Moderate Since version 7.50, Opera for Linux has offered theuser a new way to open files which Opera can not openitself: “Open with kfmclient”. This feature can beexploited to run malicio...

Buffer overflow

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

CVE-2007-0851

CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...

CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

CVE-2007-0819

HP Network Node Manager NNM Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the H...

HP Tru64 Alpha OSF1 5.1 - ps Information Leak

HP Tru64 Alpha OSF1 5.1 - ps Information Leak !/bin/ksh osf1tru64ps.ksh exploit Tested on OSF1 V5.1 1885 alpha ps executable - information leak Author: Andrea "bunker" Purificato http://rawlab.mindcreations.com the "ps" command also /usr/ucb/ps on HP OSF1 v5.1 Alpha, developed without an eye to...

HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak

!/bin/ksh osf1tru64ps.ksh exploit Tested on OSF1 V5.1 1885 alpha ps executable - information leak Author: Andrea "bunker" Purificato http://rawlab.mindcreations.com the "ps" command also /usr/ucb/ps on HP OSF1 v5.1 Alpha, developed without an eye to security, allows unprivileged users to see valu...

Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions

Vendor: Hewlett-Packard Application: Network Node Manager 7.50 Remote Console under Microsoft Windows XP SP2. Vulnerability: Local Vulnerability Level: High Author: 3APA3A , Impact: privilege escalation of any unprivileged user to Local System or another user's account. Intro: NNM Remote Console ...

CVE-2007-0505

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue...

CVE-2007-0505

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue...

Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Database Buffer overflow vulnerability in procedure DBMSLOGREPUTIL.GETOBJECTNAME DB08 AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle Jan 18, 2007 Affected versions: Oracle Database Server versions 9iR1...

CVE-2007-0236

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

SOL6806 - ClamAV UPX heap overflow Vulnerability - CVE-2006-4018

The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access through the ClamAV open source software. A vulnerability in ClamAV 0.88.4 and earlier versions could allow a remote attacker to crash the scanner process or execute code remotely using...

Hewlett Packard multiple printers privilege escalation

Local user have full access to printer service "PML Driver HPZ12" thorugh service manager, making it possible to configure any executable to be run with local system privileges...

QQ漏洞（远程可执行）Tencent QQ VQQPlayer.ocx

No description provided by source. ---------------------------------------------------------------------------------------- / ----------------------------------------------------------------------- Tencent QQ VQQPlayer.ocx all version 0day Author: axis Date: 2006-12-27 Mail: [email protected]...

Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit

No description provided by source. !-- Rediff Bol Downloader ActiveX Allows Downloading and Spawning Arbitary Files Affected Program : Rediff Bol Download ActiveX ActiveX OCX Control that downloads the Rediff Bol Messenger setup and spawns it. Related URL : http://messenger.rediff.com/newbol/...

Gene6 FTP Server本地权限提升漏洞

Gene6 FTP Server是一款非常流行的Microsoft Windows平台的FTP Server。 默认安装后，本地的非特权用户可以修改Gene6 FTP Server的设置，例如添加新的SITE命令。由于Gene6 FTP Server是以SYSTEM权限运行的，因此攻击者可以轻易的提升权限。 Gene6 G6 FTP Server http://marc.theaimsgroup.com 1. 以非特权用户的身份登陆。 2. 打开Gene6 FTP Server控制台，添加FTP用户帐号，如“test” 3. 对FTP...

Clam AntiVirus fails to properly handle crafted Portable Executable (PE) files

Overview A vulnerability in the way Clam AntiVirus processes Portable Executable PE files may lead to execution of arbitrary code. Description Clam AntiVirus is a GPL virus scanner that has built-in support for for a number of file types including PE. According to iDefense Public Advisory:...

Solaris 8/9 passwd circ() Local Root Exploit

No description provided by source. / $Id: raptorpasswd.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorpasswd.c - passwd circ local, Solaris/SPARC 8/9 Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in passwd1 in Solaris 8.0 and 9.0 allows local users to gain privileges...

Tru64 5 (su) Env Local Stack Overflow Exploit

No description provided by source. / Copyright c 2000 ADM / / All Rights Reserved / / THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ADM / / The copyright notice above does not evidence any / / actual or intended publication of such source code. / / / / Title: Tru64 5 su / / Tested under: Tru64 5...