Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading...

CVE-2011-0038

The CVE-2011-0038 issue is an untrusted search path/ insecure DLL loading vulnerability in Microsoft Internet Explorer 8 (IE8) related to IESHIMS.DLL. Multiple connected advisories (MS11-003/MS11-003; CPAI-2011-053) describe remote code execution when a user is enticed to place a malicious DLL on...

Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)

The version of Adobe Acrobat installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.5. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...

Microsoft Internet Explorer Multiple Vulnerabilities (2482017)

This host is missing a critical security update according to Microsoft Bulletin MS11-003. OpenVAS Vulnerability Test $Id: secpodms11-003.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2482017 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

Flash Player < 10.2.152.26 Multiple Vulnerabilities (APSB11-02)

The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.152.26. Such versions are potentially affected by multiple vulnerabilities : - An integer overflow exists that could lead to code execution. CVE-2011-0558 - Multiple memory corruption vulnerabilities exist that cou...

Adobe Reader < 10.0.1 / 9.4.2 / 8.2.6 Multiple Vulnerabilities (APSB11-03)

The version of Adobe Reader installed on the remote host is earlier than 10.0.1 / 9.4.2 / 8.2.6. Such versions are reportedly affected by multiple vulnerabilities : - Multiple input validation vulnerability exist that could lead to code execution. CVE-2010-4091, CVE-2011-0586, CVE-2011-0587,...

Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic...

Google Chrome Multiple Vulnerabilities (Feb 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cain &amp; Abel 2.7.3 - &#039;dagc.dll&#039; DLL Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/46239/info Cain & Abel is prone to an arbitrary-code-execution vulnerability. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially...

CVE-2011-0777

Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading...

CVE-2011-0777

Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading...

CVE-2011-0777

Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading...

CVE-2011-0777

CVE-2011-0777 affects Chromium/Google Chrome before 9.0.597.84. A use-after-free in image loading can allow remote attackers to cause a denial of service and possibly other impact. Several connected sources (e.g., Debian DSA 2166-1 and OpenVAS entries) corroborate the vuln in Chromium/Chrome arou...

CVE-2011-0777

Removed by vendor...

Google Chrome < 9.0.597.84 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 9.0.597.84. It therefore is reportedly affected by multiple vulnerabilities : - A use-after-free issue exists in image loading. Issue 55381 - An unspecified issue exists relating to cross-origin drag and drop. Issue 59081 -...

Opera may insecurely load executable files

Overview Opera may use unsafe methods for determining how to load executables .exe. Opera loads certain executables .exe when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reporte...

JVN#94695018: Lunascape may insecurely load dynamic libraries

Lunascape is a web browser. Lunascape loads certain DLL's when HTML files are opened. Lunascape contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution...

ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products

=====BEGIN-ACROS-REPORT===== PUBLIC ======================================================================= ACROS Security Problem Report 2011-01-11-1 ------------------------------------------------------------------------- ASPR 2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products...

Microsoft Windows backup manager insecure DLL loading

insecure DLL loading on .wbcat file opening...