833 matches found
Microsoft Office Groove Insecure Library Loading
Added: 03/28/2011 CVE: CVE-2010-3146 BID: 42695 OSVDB: 67484 Background Microsoft Office Groove is a collaboration-based software application that allows teams and organizations to work together regardless of physical or network location. Problem Microsoft Office Groove has a vulnerability due to...
Microsoft Office Groove Insecure Library Loading
Added: 03/28/2011 CVE: CVE-2010-3146 BID: 42695 OSVDB: 67484 Background Microsoft Office Groove is a collaboration-based software application that allows teams and organizations to work together regardless of physical or network location. Problem Microsoft Office Groove has a vulnerability due to...
Microsoft Remote Desktop Connection Insecure Library Injection
Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...
Design/Logic Flaw
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as...
Design/Logic Flaw
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...
CVE-2011-0029
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...
CVE-2011-0032
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as...
Microsoft Windows multiple security vulnerabilities
Unsafe library loading, code execution with .dvr-ms files...
Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003; CVE-2011-0038)
Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. A remote code execution vulnerability has been reported in the way that Microsoft Internet Explorer 8 handles the loading of DLL files. The vulnerability is due to the way...
Mega Menager 3.4.0.9 DLL Hijacking
============ Advisory 02/03/2011 ============= / PoC Title: Mega Menager BOOL WINAPI DllMain HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved switch fdwReason case DLLPROCESSATTACH: exploit; case DLLTHREADATTACH: case DLLTHREADDETACH: case DLLPROCESSDETACH: break; return TRUE; int exploit...
Adobe Acrobat Reader PDF Embedded in HTML Library Loading (CVE-2011-0562)
Adobe Reader and Acrobat is a family of computer programs developed by Adobe Systems, designed to view, create, manipulate and manage files in Adobe's core technology, the Portable Document Format PDF, a format that has become the de facto standard in the electronic document exchange. A remote co...
rgmanager: insecure library loading vulnerability
The 1 SAPDatabase and 2 SAPInstance scripts in OCF Resource Agents aka resource-agents or cluster-agents 1.0.3 in Linux-HA place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Design/Logic Flaw
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading...
CVE-2011-0038
The CVE-2011-0038 issue is an untrusted search path/ insecure DLL loading vulnerability in Microsoft Internet Explorer 8 (IE8) related to IESHIMS.DLL. Multiple connected advisories (MS11-003/MS11-003; CPAI-2011-053) describe remote code execution when a user is enticed to place a malicious DLL on...
Flash Player < 10.2.152.26 Multiple Vulnerabilities (APSB11-02)
The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.152.26. Such versions are potentially affected by multiple vulnerabilities : - An integer overflow exists that could lead to code execution. CVE-2011-0558 - Multiple memory corruption vulnerabilities exist that cou...
Microsoft Internet Explorer Multiple Vulnerabilities (2482017)
This host is missing a critical security update according to Microsoft Bulletin MS11-003. OpenVAS Vulnerability Test $Id: secpodms11-003.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2482017 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...
Adobe Reader < 10.0.1 / 9.4.2 / 8.2.6 Multiple Vulnerabilities (APSB11-03)
The version of Adobe Reader installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.6. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...
Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)
The version of Adobe Acrobat installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.5. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...
Microsoft Windows Backup Manager Insecure Library Loading (MS11-001; CVE-2010-3145)
The Windows Backup Manager sdclt.exe allows users to restore a computer's system files to an earlier point in time. A remote attacker could convince a user to open a legitimate Windows Backup Catalog file .wbcat that is located in the same network directory as a specially crafted DLL file. Then,...
Adobe Photoshop CS5 Insecure Library Loading Code Execution (APSB10-30; CVE-2010-3127)
Adobe Photoshop CS5 is a graphics editing program that features a 3D engine. A library-loading vulnerability has been identified in Adobe Photoshop CS5. This vulnerability is due to the application insecurely loading certain librairies from the current working directory, which could allow attacke...