8 matches found
EUVD-2002-0473
Malware in sbrugna...
EUVD-2002-0474
Malware in sbrugna...
FreeBSD : codeigniter -- multiple vulnerabilities (c21f4e61-6570-11e5-9909-002590263bf5)
The CodeIgniter changelog reports : Security: Added HTTP 'Host' header character validation to prevent cache poisoning attacks when baseurl auto-detection is used. Security: Added FSCommand and seekSegmentTime to the 'evil attributes' list in CISecurity::xssclean. %NASLMINLEVEL 70300 C Tenable...
codeigniter -- multiple vulnerabilities
The CodeIgniter changelog reports: Security: Added HTTP "Host" header character validation to prevent cache poisoning attacks when baseurl auto-detection is used. Security: Added FSCommand and seekSegmentTime to the "evil attributes" list in CISecurity::xssclean...
CVE-2002-0476
Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand...
CVE-2002-0477
Standalone Macromedia Flash Player 5.0 prior to 5,0,30,2 is vulnerable to remote code execution via a SWF file that uses the exec FSCommand. Root cause: the SWF can trigger arbitrary program execution on the host. Impact is remote code execution with the affected component being the Flash Player ...
CVE-2002-0476
Macromedia Flash Player 5.0 (Standalone) is affected by CVE-2002-0476. A .SWF file containing the undocumented “save” FSCommand can cause the player to save arbitrary files and programs on the host. The documents here do not provide details on exploit practicality, affected versions beyond Flash ...
More SWF vulnerabilities?
Vulnerable systems: unpatched "standalone Flash players" Macromedia Shockwave Flash player versions before January 2002? Fix: "In response to the discovery of the virus, in January Macromedia released an update to its standalone Flash player that causes the player to ignore the "exec" action."...