MacOS X ZIP archives code execution

It's possible to set files associations with MACOSX folder...

CVE-2006-0762

WinAbility Folder Guard 4.11 allows local users to gain unauthorized access to certain capabilities of the application by renaming or moving the password file FGuard.FGP, which disables the password requirement...

CVE-2006-0762

WinAbility Folder Guard 4.11 allows local users to gain unauthorized access to certain capabilities of the application by renaming or moving the password file FGuard.FGP, which disables the password requirement...

CVE-2006-0762

CVE-2006-0762 affects WinAbility Folder Guard 4.11. The vulnerability enables local users to bypass password protection by renaming or moving the password file (FGuard.FGP), thereby disabling the password requirement and gaining unauthorized access to certain application capabilities. The underly...

NeoMail Session ID Weakness neomail-prefs.pl Arbitrary Mail-folder Manipulation

The remote host is running NeoMail, an open source webmail application written in Perl. The installed version of this software fails to validate the 'sessionid' parameter in the 'neomail-prefs.pl' script as a valid session identifier. An unauthenticated attacker may be able to exploit this issue ...

CVE-2006-0700

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

Design/Logic Flaw

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

CVE-2006-0700

The CVE-2006-0700 entry concerns imageVue 16.1, where a remote attacker can retrieve folder permission settings by directly requesting dir.php, which returns an XML listing folders and their permissions. Affected component: dir.php handler in imageVue 16.1 (XML response reveals folder permissions...

CVE-2006-0700

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions...

Microsoft Power Point Temporary Internet Files folder access

Script within HTML can access Temporary Internet Files folder directly...

CVE-2006-0004

Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder TIFF...

CVE-2006-0004

CVE-2006-0004 is a information-disclosure vulnerability in Microsoft PowerPoint 2000 (Office 2000 SP3) arising from the interaction with Internet Explorer when PowerPoint renders HTML, allowing remote attackers to access objects in the Temporary Internet Files Folder (TIFF) by name. The issue aff...

CVE-2006-0004

Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder TIFF...

Microsoft PowerPoint may disclose information in the Temporary Internet Files Folder

Overview Microsoft PowerPoint contains an information disclosure vulnerability. As a result, sensitive information may be exposed to untrusted parties. Description Microsoft PowerPoint fails to properly restrict access to objects in the Temporary Internet Files Folder TIFF. This vulnerability is...

Microsoft Internet Explorer Drag-and-Drop code execution

By spoofing target window in race period it's possible to install malware in special folder. Vulnerability may be exploited for trojaning user's machine, but requires interaction...

imageVue16.1.txt

ImageVue is an online Flash gallery for viewing images. For more information about ImageVue visit http://www.imagevuex.com Credits: me Vulnerable Systems: imageVue16.1 In ImageVue one can upload images to the Gallery. The upload-script however isn't checking credentials nor does it check file...

ImageVue 0.16.1 - dir.php Folder Permission Disclosure

ImageVue 0.16.1 - dir.php Folder Permission Disclosure source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection...

ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

CVE-2005-4681

CVE-2005-4681 involves the mIRC client (versions 5.91–6.16). A buffer overflow in the DCC Get Folder Dialog when entering a long string allows local users to execute arbitrary code. The vendor disputes this as a vulnerability, suggesting it may be a local bug and possibly only exploitable by the ...

CVE-2005-4681

Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerabilit...