4272 matches found
Apple Mac OS X IOKit IntelAccelerator Null Pointer Reference Local Code Execution Vulnerability
Apple Mac OS X is a BSD-based operating system of a commercial nature. A null pointer reference local code execution vulnerability exists in Apple Mac OS X IOKit IntelAccelerator. An attacker can exploit this vulnerability to execute arbitrary code and elevate privileges because the program fails...
Multiple Local Buffer Overflow Vulnerabilities in GE Proficy HMI/SCADA-CIMPLICITY
GE Intelligent Platforms' Proficy HMI/SCADA-iFIX is the world's leading industrial automation software solution that provides process visualization, data acquisition and data monitoring of manufacturing operations. Multiple local buffer overflow vulnerabilities exist in GE Proficy...
USN-2479-1 rpm vulnerabilities
Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. CVE-2013-6435 Florian Weimer discovered that RPM incorrectly handled certain CPIO headers. If a user or automated system were tricked into installing a maliciou...
CVE-2014-8394
Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 FxManagedCommands3.089.tx or 2 TDMgd3.089.dll file in the current working directory...
CVE-2014-8398
Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 igfxcmrt32.dll, 2 ipl.dll, 3 MSPStyleLib.dll, 4 uFioUtil.dll, 5 uhDSPlay.dll, 6 uipl.dll, 7 uvipl.dll, 8 VC1DecDll.dll, or 9...
CVE-2014-8396
Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
HUAWEI MobiConnect has multiple vulnerabilities
HUAWEI MobiConnect is a software developed by Huawei. An arbitrary code execution and elevation of privilege vulnerability exists in HUAWEI MobiConnect, which allows local attackers to exploit the vulnerability to execute arbitrary code with elevated privileges due to the program failing to...
UBUNTU-CVE-2014-7300
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging...
CVE-2014-9273
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...
DEBIAN-CVE-2014-8106
Heap-based buffer overflow in the Cirrus VGA emulator hw/display/cirrusvga.c in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
libXfont: integer overflow of allocations in font metadata file parsing
A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server...
CVE-2014-8359
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory...
PT-2017-6326
Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.26rc-1 Description The issue allows local users to execute arbitrary code. Recommendations For versions prior to 2.26rc-1, update to version 2.26rc-1 or later to resolve the issue...
DEBIAN-CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
DEBIAN-CVE-2013-1874
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
No description provided by source. / 0day Discovered by: InTeL Auther: InTeL Attack Vector: SEH overwrite Type: Local Tested on Win2k SP4 English Software: VCDGear v3.56 build 050213 Website: www.vcdgear.com Description: VCDGear is a program designed to allow a user to extract MPEG streams from C...