369 matches found
CVE-2011-2010
The Microsoft Office Input Method Editor IME for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the...
Input validation
Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan horse DLL in the current working directory, as...
PT-2011-3531 · Microsoft · Display Panning Cpl Extension +11
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...
Sogou input method 0DAY-vulnerability warning-the black bar safety net
Vulnerability process description: When windows is loaded sogou input method later, log in to the system, lock the computercltr+alt+del it. Switch to sogou input method, input the phonetic alphabet appears sogou input method toolbar, click on search, it will call iexplorer.exe the. Next you can b...
Mandriva Update for gtk MDVA-2010:048 (gtk)
Check for the Version of gtk OpenVAS Vulnerability Test Mandriva Update for gtk MDVA-2010:048 gtk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for gtk MDVA-2010:048 (gtk)
Check for the Version of gtk OpenVAS Vulnerability Test Mandriva Update for gtk MDVA-2010:048 gtk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
0day sogou input method loopholes to gain system permissions-bug warning-the black bar safety net
Unintentionally found a very serious vulnerability, and the year 3 3 8 9 input loophole similar. However, temporary does not affect the not system is not loaded sogou input method, not login system. If the remote server installed sogou, the login system is loaded after the search dogs, but not...
0day vulnerability Sogou input method to obtain system privileges
0day vulnerability Sogou input method to obtain system privileges Vulnerability: Do not intend to found a very serious vulnerability, and the year 3389 input loophole similar.However, no system was not being loaded does not affect input method logged in system. If the remote server installed ,...
搜狗输入法绕过锁屏保护漏洞
搜狗输入法是在中国广泛使用的拼音输入法。 当用户登录到Windows系统并加载了搜狗输入法后,锁屏(cltr+alt+del)再切换到该输入法,在输入法的工具栏中输入任意内容后点击“搜索”就会调用iexplorer.exe。如果登录账号属于管理员组,就可以直接在IE地址栏中进入system32目录并运行cmd。 SOGOU.COM 搜狗输入法 4.3 - Microsoft Windows 7 ultimate 厂商补丁: SOGOU.COM --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
DEBIAN-CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
Input validation
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...
Apple Safari 3.1之前版本多个安全漏洞
BUGTRAQ ID: 28290 CVECAN ID: CVE-2008-1011,CVE-2008-1010,CVE-2008-1009,CVE-2008-1008,CVE-2008-1007,CVE-2008-1006,CVE-2008-1005,CVE-2008-1004,CVE-2008-1003,CVE-2008-1002,CVE-2008-1001,CVE-2008-0050 Safari是苹果家族操作系统默认所捆绑的WEB浏览器。 Safari的3.1版修复了多个安全漏洞,具体如下: CVE-2008-0050 恶意的HTTPS代理服务器可能在502 Bad...
CVE-2008-1005
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password...
Design/Logic Flaw
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password...
CVE-2008-1005
CVE-2008-1005 affects Apple Safari (WebCore) prior to 3.1. The issue is that the password field is not properly masked during reverse conversion with the Kotoeri input method, allowing physically proximate attackers to read the password. The related connected material confirms Safari 3.1 addresse...