CVE-2002-0718

CVE-2002-0718 affects Microsoft Content Management Server (MCMS) 2001. The vulnerability lies in the Web authoring function, allowing an attacker to authenticate and upload executable content by modifying the upload location (Program Execution via MCMS Authoring Function). Related data in the con...

CVE-2002-0718

Web authoring command in Microsoft Content Management Server MCMS 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."...

SAP DB weak permissions

777 permissions are used for executables...

CVE-2002-1548

Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."...

DEBIAN-CVE-2003-0102

Buffer overflow in tryelf in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header elfhdr.eshentsize...

Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass

source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper...

Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II

Tuesday, February 25, 2003 We are delighted to learn that the original self-executing html file, from June 1 2002 is now fixed with the most current of the many patches for the Internet Explorer series of browsers. See: http://online.securityfocus.com/archive/1/275126 Regrettably. The following...

Microsoft Internet Explorer 56 - Self Executing HTML File

Microsoft Internet Explorer 56 - Self Executing HTML File source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explor...

Microsoft Internet Explorer 5/6 - Self Executing HTML File

source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse the file. When the script that poin...

HPUX 10.20/11 Wall Message - Local Buffer Overflow

source: https://www.securityfocus.com/bid/6800/info It has been reported that the HPUX wall executable may be prone to a buffer overflow condition. This buffer overflow is alleged to be triggered when an excessive amount of data is redirected into wall as a message intended to be broadcast. It ma...

CVE-2002-2063

AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames...

PT-2002-2566 · Microsoft · Windows Media Player

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player WMP version 6.3 Description: The issue allows local users to gain privileges by deleting or modifying executables due to world-writable permissions. Recommendations: For Microsoft Windows Media Player WMP versio...

CVE-2002-1349

Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 POP3...

Norton antivirus privelege escalation

Можно запустить помощь winhlp32.exe в контексте локальной системы...

Program execution via AIM

If user clicks on link to local executable it will be launched...

CVE-2002-1139

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target...

Microsoft Internet Explorer (MSIE) Content-Disposition vulnerabilities

Overview Microsoft Internet Explorer IE may handle executable content automatically, opening it with another application on the client host that may, in turn, instruct the operating system to execute the file. Description IE does not properly verify the Content-Disposition and Content-Type header...

Netris 0.3/0.4/0.5 - Remote Memory Corruption

// source: https://www.securityfocus.com/bid/5680/info Netris is prone to a remotely exploitable memory corruption issue. Netris is prone to a remotely exploitable memory corruption issue. An attacker may exploit this to execute arbitrary code with the privileges of the user invoking the vulnerab...

SAME LADY, DIFFERENT DRESS: Internet Explorer 6

Monday, August 12, 2002 Yet another silent delivery and installation of an executable on the target computer using Internet Exlorer 6. This can be achieved by reversing the following: http://online.securityfocus.com/bid/5350 And: HTM. In order to to achieve the required results as outlined in the...

CVE-2002-0718

Web authoring command in Microsoft Content Management Server MCMS 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."...