Input validation

Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan horse DLL in the current working directory, as...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading...

CVE-2011-1980

CVE-2011-1980 affects Microsoft Office 2003 SP3 and Office 2007 SP2, with an Untrusted Search Path vulnerability that allows local privilege escalation via loading a Trojan horse DLL from the current working directory when a .doc/.xls/.ppt file is present. The root cause is insecure library loadi...

CVE-2011-1980

Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading...

PT-2011-3531 · Microsoft · Display Panning Cpl Extension +11

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...

Firefox sensor.dll Insecure Library Loading

Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...

Firefox sensor.dll Insecure Library Loading

Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...

Microsoft Windows Multiple Components Insecure Library Loading (MS11-071; CVE-2011-1991)

A remote code execution vulnerability has been reported in the way that certain Windows components handle the loading of DLL files. A remote attacker could exploit this vulnerability to execute arbitrary code in an affected system...

Microsoft PowerPoint .dll Insecure Library Loading (MS11-073; CVE-2011-1980)

The vulnerability is due to insecure library loading issue in Microsoft PowerPoint. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted PowerPoint file. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...

Multiple Products .DLL Insecure Library Loading (CVE-2011-0029; CVE-2011-1980)

A remote code execution vulnerability exists in the way that certain products handle the loading of DLL files. Certain applications improperly restrict the path used for loading external libraries. A remote attacker could exploit this vulnerability by manipulating a user to open a legitimate file...

kernel: netns vs proto registration ordering

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

Opera Extended Validation Information Disclosure Vulnerabilities (Windows)

The host is installed with Opera and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gboperaextentedvalidationinfodiscvulnwin.nasl 7015 2017-08-28 11:51:24Z teissa $ Opera Extended Validation Information Disclosure Vulnerabilities Windows Authors: Rachana Shetty...

CVE-2011-3342

Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors related to 1 NAME, 2 PLYR, 3 CHTS, or 4 AIPL aka AI config chunk loading from a savegame...

JVN#58019849: GTK+ may insecurely load dynamic libraries

GTK+ is a toolkit for developing applications with GUIs. GTK+ contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact In an application that uses GTK+, arbitrary code may be executed with the privilege of that application. Solution Solution for...

ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-08-18-2 ------------------------------------------------------------------------- ASPR 2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird...

ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-08-18-1 ------------------------------------------------------------------------- ASPR 2011-08-18-1: Remote Binary Planting in Mozilla Firefox...

Fedora Update for gdk-pixbuf2 FEDORA-2011-8667

Check for the Version of gdk-pixbuf2 OpenVAS Vulnerability Test Fedora Update for gdk-pixbuf2 FEDORA-2011-8667 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

[SECURITY] Fedora 14 Update: gdk-pixbuf2-2.22.0-2.fc14

gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...