18 matches found
EUVD-2008-1570
Malware in sbrugna...
EUVD-2005-1761
Malware in sbrugna...
Tenable Identity Exposure Secure Relay Operating System Command Injection Vulnerability
Tenable Identity Exposure Secure Relay is a schema for transferring Active Directory data from the network to Tenable Identity Exposure using Transport Layer Security TLS from Tenable USA. A security vulnerability exists in Tenable Identity Exposure Secure Relay versions prior to 3.59.4, which...
HPE Moonshot Provisioning Manager Local Arbitrary File Modification Vulnerability
HPE Moonshot Provisioning Manager is an application for managing HPE Moonshot systems from Hewlett Packard Enterprise HPE. A local arbitrary file modification vulnerability exists in HPE Moonshot Provisioning Manager versions prior to 1.24, which can be exploited by a local attacker to modify...
CVE-2018-7073
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24...
CVE-2016-2877
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file...
KLA10077 WLF vulnerability in Apple iTunes
A permissions vulnerability was found in Apple iTunes. By exploiting this vulnerability malicious users can modify local files. This vulnerability can be exploited locally via standard file system operations. Original advisories Apple bulletin Related products Apple-iTunes CVE list CVE-2014-1347...
CVE-2001-1593
The tempnameensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spyuser function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file...
Information disclosure
The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...
CVE-2010-4338
ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...
CVE-2010-4338
ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...
Code injection
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket...
CVE-2005-3111
The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack...
CVE-2005-1759
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...
CVE-2001-1409
Vulnerability CVE-2001-1409 affects XFree86 Xserver 4.1.0-2 where dexconf creates /dev/dri with insecure permissions (666). This allows local users to replace or create files on the root filesystem. Red Hat advisories RHSA-2003:064/065/067 reference updated XFree86 packages and fixes; the issue i...
CVE-2002-0334
xtell xtelld 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file...
CVE-2000-0067
CyberCash Merchant Connection Kit MCK allows local users to modify files via a symlink attack...
CVE-1999-0857
FreeBSD gdc program allows local users to modify files via a symlink attack...