CVE-2003-1265

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages...

SILLY BEHAVIOR Part II : Internet Explorer 5.5 - 6.0

Thursday, May 1, 2003 The following represents a trivial yet elaborate method of injecting arbitrary html into the "My Computer" zone on win98 using the Internet Explorer series of browsers. The manufacturer, commonly known as "Microsoft" has a done a splendid job of battening down the hatches wi...

CVE-2003-0198

CVE-2003-0198 affects Mac OS X versions prior to 10.2.5, where guest users can modify permissions of the DropBox folder and read unauthorized files. The CVSS v2 base metrics indicate a 6.4 score (Medium) with network attack vector, low attack complexity, no authentication, and partial impacts on ...

CVE-2003-0198

Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files...

DEBIAN-CVE-2003-0140

Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service crash and possibly execute arbitrary code via a crafted folder...

Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/7022/info A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerability by creating a malicious folder...

Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow (PoC)

Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow PoC source: https://www.securityfocus.com/bid/7022/info A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to...

CVE-2002-1740

Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name NewFolder parameter...

zerooexploit.txt

According to the vendor's web page , Zeroo is a "simple, small, portable, fast HTTP server". The server is available for Windows, and Linux operating systems. A folder traversal flaw in the server may allow attackers to compromise sensitive information stored on the server's volume. !/usr/bin/per...

Zeroo Folder Traversal Vulnerability

According to the vendor's web page http://lonerunner.cfxweb.net, Zeroo is a "simple, small, portable, fast HTTP server". The server is available for Windows, and Linux operating systems. A folder traversal flaw in the server may allow attackers to compromise sensitive information stored on the...

CVE-2002-1184

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access Everyone:F and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan hor...

Microsoft Security Bulletin MS02-064: Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Windows 2000 Default Permissions Could Allow Trojan Horse Program Q327522 Date: 30 October 2002 Software: Windows 2000 Impact: Trojan Horse program execution Max Risk: Moderate...

CVE-2002-0980

The CVE-2002-0980 entry describes a vulnerability in the Web Folder component of Internet Explorer 5.5/6.0 whereby an error message is written to a known temp location. An attacker can inject arbitrary code into that error message and cause execution by referencing the error message file via an m...

Internet Explorer/Mozilla/Opera local zone script execution via FTP folders

It's possible to script on local securty zone if FTP folder presentation is enabled...

Windows Apache directory traversal

It's possible to leave web rot folder by using backslash...

SILLY BEHAVIOR : Internet Explorer 5.5 - 6.0

Wednesday, August 14, 2002 The following represents a trivial yet elaborate method of injecting arbitrary html into the "My Computer" zone on win98 using the Internet Explorer series of browsers. Internet Explorer enjoys a unique component called the "Web Folder" component. This is a selectable...

KPMG-2002020: Resin view_source.jsp Arbitrary File Reading

-------------------------------------------------------------------- Title: Resin viewsource.jsp Arbitrary File Reading BUG-ID: 2002020 Released: 17th Jun 2002 -------------------------------------------------------------------- Problem: ======== In a default installation of Resin server, the...

Unauthorized access to PowerChute shared folder

During programm installation Program FilesPwrchute shared with full access allowing to trojan program executables...

MDaemon WorldClient 5.0.x - Folder Creation Buffer Overflow

MDaemon WorldClient 5.0.x - Folder Creation Buffer Overflow source: https://www.securityfocus.com/bid/4689/info MDaemon is an integrated mail transport agent, webmail, and mail anti-virus package. It is available for Microsoft Windows operating systems. It may be possible for a remote user to tak...

Code execution in Macromedia Shockwave Flash

"Save" command may be used to place malware file anywhere on user's computer including Startup folder...