Mozilla unsafe library loading flaw

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan hor...

Adobe Reader < 9.4.1 Multiple Vulnerabilities (APSB10-28)

The version of Adobe Reader installed on the remote host is earlier than 9.4.1. Such versions are reportedly affected by multiple vulnerabilities : - A memory corruption vulnerability exists that could lead to code execution. Note that this issue does not affect Adobe Reader 8.x. CVE-2010-3654 - ...

Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)

The version of Adobe Acrobat 9.x installed on the remote host is earlier than 9.4.1. Such versions are reportedly affected by multiple vulnerabilities : - A memory corruption vulnerability exists that could lead to code execution. Note that this issue does not affect Adobe Acrobat 8.x...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142...

Nevercenter Silo 2.1.1 DLL Hijacking

/ Nevercenter Silo 2.1.1 Insecure Library Loading Vulnerability Vendor: Nevercenter Ltd. Co. Product web page: http://www.nevercenter.com Affected version: 2.1.1 Summary: Silo 2 is a focused 3D modeling application with the ability to effortlessly switch between organically sculpting high-polygon...

Silo 2.1.1 - wintab32.dll DLL Loading Arbitrary Code Execution

Silo 2.1.1 - wintab32.dll DLL Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/44726/info Silo is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to...

Nevercenter Silo 2.1.1 Insecure Library Loading Vulnerability

Summary Silo 2 is a focused 3D modeling application with the ability to effortlessly switch between organically sculpting high-polygon models and precisely controlling hard-edged surfaces. It can be used for anything from creating 3D characters for video games and movies to quickly exploring 3D...

Silo 2.1.1 - &#039;wintab32.dll&#039; DLL Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/44726/info Silo is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a...

Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)

The remote Windows host contains a version of Adobe Flash Player 9.x before 9.0.289 or 10.x earlier than 10.1.102.64. Such versions are potentially affected by multiple vulnerabilities : - A memory corruption vulnerability exists that could lead to code execution. Note that there are reports that...

Audacity &lt;= 1.3 Beta Multiple Local Vulnerabilities

Audacity = 1.3 Beta Multiple Local Vulnerabilities Name Audacity Vendor http://audacity.sourceforge.net Versions Affected = 1.3 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-29 X. INDEX I. ABOUT THE...

JVN#27868039: GVim may insecurely load dynamic libraries

GVim is a text editor. GVim loads certain DLL's when TXT files are opened. GVim contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update the...

Audacity 1.3 Beta DLL Hijacking

Audacity = 1.3 Beta Multiple Local Vulnerabilities Name Audacity Vendor http://audacity.sourceforge.net Versions Affected = 1.3 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-29 X. INDEX I. ABOUT THE...

ACDSee Photo Manager Insecure Library Loading Vulnerability

A vulnerability has been discovered in ACDSee Photo Manager,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • dwmapi.dll This can be exploited...

Winamp < 5.59 build 3033 Multiple Vulnerabilities

The remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is earlier than 5.59 build 3033. Such versions are potentially affected by multiple vulnerabilities : - Winamp loads libraries in an insecure manner. CVE-2010-3137 - An integer overfl...

Orbit Downloader Insecure Library Loading Vulnerability

A vulnerability has been discovered in Orbit Downloader ,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • schannel.dll This can be exploited ...

WinMerge Insecure Library Loading Vulnerability

A vulnerability has been discovered in WinMerge,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • mfc71enu.dll • mfc71loc.dll This can be...

Secunia PSI Insecure Library Loading Vulnerability

A vulnerability has been discovered in Secunia PSI,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • Schannel.dll This can be exploited to loa...

Internet Download Manager Insecure Library Loading Vulnerability

A vulnerability has been discovered in Internet Download Manager ,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • Schannel.dll This can be...

Nessus Client Insecure Library Loading Vulnerability

A vulnerability has been discovered in Nessus Client ,which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • Wintab32.dll This can be exploited to...

Winamp < 5.59 Build 3033 Multiple Vulnerabilities

Binary data 5689.prm...