20 matches found
CVE-2024-29962 Insecure file permission setting that makes files world-readable
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...
CVE-2021-28568
Adobe Genuine Services version 7.1 and earlier is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user...
CVE-2021-28568
Adobe Genuine Services before version 7.1 suffered an insecure file permission during installation that could allow a locally authenticated user to escalate privileges. The issue is a local privilege escalation via an access-control/file-permission flaw within the installation process. Adobe’s ad...
CVE-2021-20490
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791...
Denial of service
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791...
CVE-2021-20490
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791...
SprintWork 2.3.1 Local Privilege Escalation
Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bit Vulnerability Overview: SprintWork v2.3.1 x8...
Design/Logic Flaw
IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963...
IBM Spectrum Protect Plus CVE-2019-4652 Insecure File Permission Vulnerability
Description IBM Spectrum Protect Plus is prone to insecure file-permission vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. IBM Spectrum Protect Plus versions 10.1.0 through 10.1....
Adobe Download Manager CVE-2019-8071 Insecure File Permission Vulnerability
Description Adobe Download Manager is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions with elevated privileges; this may aid in launching further attacks. Adobe Download Manager 2.0.0.3...
Photo Nettoyeur 1.4.5 Insecure File Permission
i?-------------------------------------------------------- Exploit Title: Photo Nettoyeur 1.4.5 - Insecure File Permission Exploit Author : ZwX Exploit Date: 2018-09-28 Vendor Homepage : http://www.marseillesoft.com/ Link Software : http://www.marseillesoft.com/telecharger/ Tested on OS: Windows ...
Binance v1.5.0 - Insecure File Permission Vulnerability
Document Title: =============== Binance v1.5.0 - Insecure File Permission Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2135 Release Date: ============= 2018-07-16 Vulnerability Laboratory ID VL-ID: ====================================...
PYSEC-2018-84
JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and sample files of JSNAPy automation tool versions prior to 1.3.0 are created world writable. This insecure file and directory permission allows...
MagicSpam 2.0.13 - Insecure File Permission Vulnerability
Document Title: =============== MagicSpam 2.0.13 - Insecure File Permission Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2113 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5693 CVE-ID: ======= CVE-2018-5693 Release Date:...
Teradata Virtual Machine Community Edition 15.10 Insecure File Permission Vulnerability
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability. Title: Teradata Virtual Machine Community Edition v15.10 has insecure file permission Author: Larry W. Cashdollar, @larry0 Date: 2016-10-01 Download Site:...
OpenStack Keystone不安全文件权限漏洞(CVE-2013-1977)
BUGTRAQ ID: 59310 CVECAN ID: CVE-2013-1977 OpenStack Keystone为OpenStack系列计划提供身份、令牌、目录和策略服务的项目。 Keystone.conf管理方式上存在安全漏洞,本地攻击者可利用此漏洞获取LDAP密码配置和admintoken。 0 openstack Keystone 厂商补丁: openstack --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://lists.openstack.org/pipermail/openstack-announce/...
Symantec pcAnywhere 12.x不安全文件权限漏洞
BUGTRAQ ID: 51593 CVE ID: CVE-2011-3479 Symantec PCAnywhere是全球最畅销的用于管理服务器和提供管理人员支持的远程控制解决方案。 pcAnywhere对产品安装文件采用全局可写权限,可使本地用户通过修改文件获取权限。 0 Symantec pcAnywhere 12.x 厂商补丁: Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.symantec.com/business/securityresponse/...
Intel® Math Kernel Library Insecure File Permission Local Privilege Escalation
Summary: The Intel® Math Kernel Library Intel® MKL is a library of highly optimized, extensively threaded math routines for science, engineering, and financial applications that require maximum performance. An updated version of the software is available for Intel® MKL users to mitigate this...
iDefense Security Advisory 12.14.05: Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability
Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability iDefense Security Advisory 12.14.05 www.idefense.com/application/poi/display?id=351&type=vulnerabilities December 14, 2005 I. BACKGROUND Trend Micro PC-Cillin Internet Security is antivirus protection software for home...
[Full-disclosure] iDEFENSE Security Advisory 04.18.05: McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability
McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability iDEFENSE Security Advisory 04.18.05 http://www.idefense.com/application/poi/display?type=vulnerabilities April 18, 2005 I. BACKGROUND McAfee Internet Security Suite 2005 is a product used to protect a personal computer fro...