446 matches found
CVE-2014-0568
The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack...
CVE-2014-0568
CVE-2014-0568 impacts Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows. The root cause is a NtSetInformationFile hook that enables an NTFS junction attack to bypass sandboxing and execute native code with elevated privileges. Mitigation/patch: upgrade to affected pr...
NTFSLinksView - View NTFS symbolic links and junction points
Starting from Windows Vista, Microsoft uses symbolic links and junction points of NTFS file system in order to make changes in the folders structure of Windows and keep the compatibility of applications written for older versions of Windows. This utility simply shows you a list of all symbolic...
AdMan Standalone Ad Server Cross Site Scripting / SQL Injection
=========================================================== AdMan Standalone Ad Server SQLi AND XSS Vulnerability =========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ ...
imageracer-sql.txt
Aria-Security Team Image Racer SearchResults.asp SQL Injection Vendor: http://www.junctionquest.com/Software.asp Example: http://www.TARGET.com/SearchResults.asp?SearchWord=SQL COMMAND&WordSearchCrit=Yes&image.x=0&image.y=0 Example : -1 'union select username,password from admin where FIND IT YOU...
NAePolicy.txt
Summary: Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 patch 3 http://www.nai.com/ Details: The ePolicy Orchestrator Agent web server which runs on TCP port 8081 by default and serves the McAfee Agent Activity Log can be used to view files that exist on the same...