15 matches found
EUVD-2018-16919
Malware in sbrugna...
bpf: Remove tst_run from lwt_seg6local_prog_ops.
...
CVE-2010-1239
Foxit Reader before 3.2.1.0401 allows remote attackers to 1 execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and 2 execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836...
SUSE CVE-2010-1240
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...
SUSE CVE-2018-5133
If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This...
CVE-2013-5582
Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AAv3.2.exe file...
Authentication flaw
Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...
CVE-2018-5133
If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This...
CVE-2018-5133
If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This...
VulnCheck KEV: CVE-2010-1240
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a...
Multiple PDF products Launch Action Command Code Execution (APSB10-15) - Ver2 (CVE-2010-1240)
Portable Document Format PDF is an open file format created by Adobe Systems. A vulnerability has been discovered in Adobe Reader. The vulnerability is due to an error in the Adobe Reader that fails to restrict the contents of one text field in the Launch File warning dialog, which makes it easie...
Open redirect
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...
CVE-2010-1240
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...
firefox break 0day high-risk vulnerabilities: Cross Browser Scripting-vulnerability warning-the black bar safety net
firefox break high-risk vulnerabilities, perform local program. At the same time using IE and firefox users, please note that bug fixes it! Monyer published temporary workaround: put the following code into the Run box, run, or saved as. bat double-click to run, or in cmd run: reg delete...
Apache 2.0 - Encoded Backslash Directory Traversal
Apache 2.0 - Encoded Backslash Directory Traversal source: https://www.securityfocus.com/bid/5434/info A directory traversal vulnerability exists in Apache versions 2.0.39 and earlier on non-Unix platforms potentially including Apache compiled with CYGWIN. Platforms that may be affected by this...