CVE-2006-0700

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

Design/Logic Flaw

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

CVE-2006-0700

The CVE-2006-0700 entry concerns imageVue 16.1, where a remote attacker can retrieve folder permission settings by directly requesting dir.php, which returns an XML listing folders and their permissions. Affected component: dir.php handler in imageVue 16.1 (XML response reveals folder permissions...

CVE-2006-0700

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

Microsoft Power Point Temporary Internet Files folder access

Script within HTML can access Temporary Internet Files folder directly...

CVE-2006-0004

Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder TIFF...

CVE-2006-0004

CVE-2006-0004 is a information-disclosure vulnerability in Microsoft PowerPoint 2000 (Office 2000 SP3) arising from the interaction with Internet Explorer when PowerPoint renders HTML, allowing remote attackers to access objects in the Temporary Internet Files Folder (TIFF) by name. The issue aff...

CVE-2006-0004

Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder TIFF...

Microsoft PowerPoint may disclose information in the Temporary Internet Files Folder

Overview Microsoft PowerPoint contains an information disclosure vulnerability. As a result, sensitive information may be exposed to untrusted parties. Description Microsoft PowerPoint fails to properly restrict access to objects in the Temporary Internet Files Folder TIFF. This vulnerability is...

Microsoft Internet Explorer Drag-and-Drop code execution

By spoofing target window in race period it's possible to install malware in special folder. Vulnerability may be exploited for trojaning user's machine, but requires interaction...

imageVue16.1.txt

ImageVue is an online Flash gallery for viewing images. For more information about ImageVue visit http://www.imagevuex.com Credits: me Vulnerable Systems: imageVue16.1 In ImageVue one can upload images to the Gallery. The upload-script however isn't checking credentials nor does it check file...

ImageVue 0.16.1 - dir.php Folder Permission Disclosure

ImageVue 0.16.1 - dir.php Folder Permission Disclosure source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection...

ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

CVE-2005-4681

CVE-2005-4681 involves the mIRC client (versions 5.91–6.16). A buffer overflow in the DCC Get Folder Dialog when entering a long string allows local users to execute arbitrary code. The vendor disputes this as a vulnerability, suggesting it may be a local bug and possibly only exploitable by the ...

CVE-2005-4681

Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerabilit...

CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the SrGUI.exe program...

Directory traversal

Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. dot dot in the RENAME command...

CVE-2006-0127

Rockliffe MailSite IMAP (pre-6.1.22.1) suffers a directory-traversal in the RENAME command that enables remote authenticated users to rename other users’ folders. Affects the IMAP service; impact includes partial integrity (I: Partial, A: None, C: None) with no confidentiality/availability impact...

The reproduction of the former vulnerability--Qin bamboo musical program the negligent-vulnerability warning-the black bar safety net

A few days ago, downloaded a set of“Qin bamboo music network v3. 0 static generation”version, when tested, turned out to see former sun-the power upload vulnerability. Once Upon a time, the power upload vulnerability put in front of me, but even missed. Today, the former vulnerability in the Qin...

CVE-2005-4681

Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerabilit...