27 matches found
EUVD-2011-1150
Malware in sbrugna...
CVE-2011-1136
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...
CVE-2018-9468
In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-3116
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions...
CVE-2022-26019
Improper access control vulnerability in pfSense CE and pfSense Plus pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...
Netgate pfSense CE 路径遍历漏洞
Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. A security vulnerability exists in Netgate pfSense CE, where an attacker with the right to change the NTP GPS settings could rewrite existing files on the file system, resulting in arbitrary command execution...
Arbitrary File Rewrite
spring-integration-zip is vulnerable to an arbitrary file rewrite aka a zip slip vulnerability. An incomplete fix of CVE-2018-1263 allows an attacker to send a malicious zip archive bzip2, tar, xz, war, cpio, 7z with path traversal filenames, leading to writing of files outside of the target...
Arbitrary File Rewrite
The cpio packages is vulnerable to Arbitrary File Rewrite. Improper input validation when writing tar header fields leads to unexpect tar generation...
DEBIAN-CVE-2011-1136
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...
CVE-2011-1136
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...
CVE-2011-1136
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...
CVE-2011-1136
CVE-2011-1136 affects tesseract versions 2.03 and 2.04. The issue enables a local attacker to rewrite an arbitrary user file by guessing a process ID and creating a link to the user’s file, indicating a local-privilege-like impact with integrity risk. The connected documents corroborate the descr...
Adobe ColdFusion Arbitrary File Rewrite Vulnerability
Adobe ColdFusion is the United States of America Audobee Adobe a dynamic Web server products, which runs the CFML ColdFusion Markup Language is a programming language for Web applications. An arbitrary file rewrite vulnerability exists in Adobe ColdFusion. An attacker could overwrite arbitrary...
Microsoft Windows - CiSetFileCache TOCTOU Incomplete Fix Exploit
Exploit for windows platform in category dos / poc Windows: CiSetFileCache TOCTOU CVE-2017-11830 Incomplete Fix Platform: Windows 10 1709 including Win10S Class: Security Feature Bypass Summary: The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signin...
Multiple Apple products libarchive component rewrite vulnerability
Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system. libarchive is a multi-format archive and compression library component. A security vulnerability exists in the libarchive compone...
OracleVM 3.1 : xen (OVMSA-2013-0001)
The remote OracleVM system is missing necessary patches to address critical security updates : - VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVTVERIFYBUS here doesn't make sense native Linux also uses SVTVERIFYSIDSQ here instead. CVE-2012-5634 - When xe...
MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)
No description provided by source. html title MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification /title body OBJECT id=target classid=clsid:d4fe6227-1288-11d0-9097-00aa004254a0 /OBJECT script language=vbscript //next script is converted to UTF16...
iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 01.12.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2009 I. BACKGROUND Oracle Database Server is a family of database products that range from personal databases to enterprise solutions. Further informati...
MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)
No description provided by source. html title MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification /title body OBJECT id="target" classid="clsid:d4fe6227-1288-11d0-9097-00aa004254a0" /OBJECT script language="vbscript" //next script is converted to UTF16...
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
Microsoft Internet Explorer 7 - Arbitrary File Rewrite MS07-027 MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit" target.SessionAuthor="Andr...