Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003; CVE-2011-0038)

Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. A remote code execution vulnerability has been reported in the way that Microsoft Internet Explorer 8 handles the loading of DLL files. The vulnerability is due to the way...

Microsoft Groove 2007 mso.dll Insecure Library Loading (MS11-016; CVE-2010-3146)

Microsoft Office Groove 2007 is a collaboration software program for working on a broad range of project activities, from simple document collaboration to custom solutions integrated with business processes. A remote code execution vulnerability has been reported in the way that Microsoft Groove...

Microsoft Media Player ehtrace.dll Insecure Library Loading (MS11-015; CVE-2011-0032)

DirectShow is a DirectX low-level Application Programming Interface API used by Windows programs for multimedia support. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation, and rendering. A remote code execution vulnerability has been reported in...

vTiger CRM 5.0.4 - Local File Inclusion

!/usr/bin/python INFORMATION: Exploit Title: Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit Google Dork: "The honest Open Source CRM" "vtiger CRM 5.0.4" Date: 5/3/2011 CVE: CVE-2009-3249 Windows link: http://bit.ly/fiOYCL Linux link: http://bit.ly/hluzLf Tested on: Windows XP/Linux Ubuntu...

Mega Menager 3.4.0.9 DLL Hijacking

============ Advisory 02/03/2011 ============= / PoC Title: Mega Menager BOOL WINAPI DllMain HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved switch fdwReason case DLLPROCESSATTACH: exploit; case DLLTHREADATTACH: case DLLTHREADDETACH: case DLLPROCESSDETACH: break; return TRUE; int exploit...

Microsoft Windows application policy bypass

It's possible to bypass application restriction policy by directly loading code into suspended process' memory via e.g. Microsoft Word macro...

Lunascape may insecurely load executable files

Overview Lunascape may use unsafe methods for determining how to load executables .exe. Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki...

JVN#38362957: Lunascape may insecurely load executable files

Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Upda...

Adobe Flash Player nvapi.dll Insecure Library Loading (APSB11-02; CVE-2011-0575)

The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A remote code execution vulnerability has been reported in the way Adobe Flash Player handles the loading of DLL files. The vulnerability is caused by the Adobe Flash Player that uses the Windows...

Adobe Acrobat Reader PDF Embedded in HTML Library Loading (CVE-2011-0562)

Adobe Reader and Acrobat is a family of computer programs developed by Adobe Systems, designed to view, create, manipulate and manage files in Adobe's core technology, the Portable Document Format PDF, a format that has become the de facto standard in the electronic document exchange. A remote co...

Adobe Reader d3dref9.dll Insecure Library Loading (APSB11-03; CVE-2011-0588)

Adobe Reader and Acrobat is a family of computer programs developed by Adobe Systems, designed to view, create, manipulate and manage files in Adobe's core technology, the Portable Document Format PDF, a format that has become the de facto standard in the electronic document exchange. A remote co...

rgmanager: insecure library loading vulnerability

The 1 SAPDatabase and 2 SAPInstance scripts in OCF Resource Agents aka resource-agents or cluster-agents 1.0.3 in Linux-HA place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-02-11-2 ------------------------------------------------------------------------- ASPR 2011-02-11-2: Remote Binary Planting in Adobe Flash Player...

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions, unsafe DLL loading...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading...

CVE-2011-0038

The CVE-2011-0038 issue is an untrusted search path/ insecure DLL loading vulnerability in Microsoft Internet Explorer 8 (IE8) related to IESHIMS.DLL. Multiple connected advisories (MS11-003/MS11-003; CPAI-2011-053) describe remote code execution when a user is enticed to place a malicious DLL on...

Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)

The version of Adobe Acrobat installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.5. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...

Microsoft Internet Explorer Multiple Vulnerabilities (2482017)

This host is missing a critical security update according to Microsoft Bulletin MS11-003. OpenVAS Vulnerability Test $Id: secpodms11-003.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2482017 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

Flash Player < 10.2.152.26 Multiple Vulnerabilities (APSB11-02)

The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.152.26. Such versions are potentially affected by multiple vulnerabilities : - An integer overflow exists that could lead to code execution. CVE-2011-0558 - Multiple memory corruption vulnerabilities exist that cou...

Adobe Reader < 10.0.1 / 9.4.2 / 8.2.6 Multiple Vulnerabilities (APSB11-03)

The version of Adobe Reader installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.6. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...