Lucene search
+L

2903 matches found

cve
cve
added 2009/11/24 5:0 p.m.55 views

CVE-2009-3577

Autodesk 3DS Max applications (versions 6–9 and 2008–2010) are affected by a vulnerability in MaxScript application callbacks that allows remote code execution when a crafted .max file embeds a MAXScript statement invoking DOSCommand. Root cause: unsanitized data binding of MaxScript to callbacks...

9.3CVSS7.5AI score0.05086EPSS
Exploits6References4Affected Software1
seebug
seebug
added 2009/11/24 12:0 a.m.28 views

Autodesk 3ds Max应用回调远程代码执行漏洞

BUGTRAQ ID: 36634 CVE ID: CVE-2009-3577 Autodesk 3D Max是在视频游戏、电影、多媒体和web内容开发中广泛应用的建模和动画软件包。 Autodesk 3D Max提供了内嵌的脚本语言MaxScript。3D Max允许用户将MaxScript绑定到应用回调上,如果用户受骗打开了嵌入有MaxScript应用回调的.max文件,就会导致执行任意代码。 Autodesk 3DS Max 9 Autodesk 3DS Max 8 Autodesk 3DS Max 7 Autodesk 3DS Max 6 Autodesk 3DS Max 201...

9.3CVSS6.4AI score0.05086EPSS
Exploits6
zdt
zdt
added 2009/11/23 12:0 a.m.63 views

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

Exploit for unknown platform in category local exploits ================================================================== Autodesk 3DS Max Application Callbacks Arbitrary Command Execution ================================================================== Title: Autodesk 3DS Max Application...

6.8AI score0.05086EPSS
Exploits6
seebug
seebug
added 2009/11/23 12:0 a.m.51 views

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk 3DS Max Application Callbacks Arbitrary Command Execution 1. Advisory Information Title: Autodesk 3DS Max Application...

9.3CVSS6.5AI score0.05086EPSS
Exploits6
exploitdb
exploitdb
added 2009/11/23 12:0 a.m.57 views

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution. CVE-2009-3577. Local exploit for windows platform -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk 3DS Max Application Callbacks Arbitrary...

9.3CVSS0.7AI score0.05086EPSS
Exploits6
coresecurity
coresecurity
added 2009/11/23 12:0 a.m.38 views

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

Advisory ID Internal CORE-2009-0909 Core Security - CoreLabs Autodesk 3DS Max Application Callbacks Arbitrary Command Execution 1. Advisory Information Title: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution Advisory Id: CORE-2009-0909 Advisory...

9.3CVSS7.1AI score0.05086EPSS
Exploits6
ptsecurity
ptsecurity
added 2009/11/23 12:0 a.m.5 views

PT-2009-6201 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.2.12 PHP versions 5.3.x prior to 5.3.1 Description: The issue allows remote attackers to cause a denial of service due to resource exhaustion by creating multiple temporary files when handling a multipart/form-data POS...

10CVSS6.1AI score0.12041EPSS
Exploits12References65
checkpoint_advisories
checkpoint_advisories
added 2009/11/15 12:0 a.m.24 views

CVS Max-dotdot Protocol Command Integer Overflow (CVE-2004-0417)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

5CVSS7.5AI score0.03069EPSS
Exploits0
exploitpack
exploitpack
added 2009/10/23 12:0 a.m.13 views

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution source: https://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds...

1.1AI score
Exploits0
exploitdb
exploitdb
added 2009/10/23 12:0 a.m.23 views

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution

source: https://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds Max 6 through 9 3ds Max 2008 through 2010 Other versions may also be...

7.4AI score
Exploits0
openvas
openvas
added 2009/10/11 12:0 a.m.35 views

SLES11: Security update for MySQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libmysqlclient15 libmysqlclientr15 mysql mysql-Max mysql-client More details may also be found by searching for the SuSE Enterprise Server 11 patch database...

8.5CVSS0.1AI score0.10586EPSS
Exploits3References2
openvas
openvas
added 2009/10/11 12:0 a.m.27 views

SLES11: Security update for MySQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libmysqlclient15 libmysqlclientr15 mysql mysql-Max mysql-client More details may also be found by searching for the SuSE Enterprise Server 11 patch database...

8.5CVSS9.5AI score0.10586EPSS
Exploits3References3
openvas
openvas
added 2009/10/10 12:0 a.m.27 views

SLES9: Security update for MySQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mysql-devel mysql mysql-Max For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...

4.6CVSS6.5AI score0.02328EPSS
Exploits0
metasploit
metasploit
added 2009/09/14 6:46 p.m.24 views

pSnuffle Packet Sniffer

This module sniffs passwords like dsniff did in the past This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework dsniff was helping me very often. Too bad that it doesn't work correctly anymore. Psnuffle should bring password...

7.3AI score
Exploits0
atlassian
atlassian
added 2009/08/26 1:55 p.m.20 views

Add a password lockout feature

Confluence does not prevent someone from making a script that tries every possible password combination for a Confluence account. There should be an option to set a max attempts and then lock out the user from the system. This is obviously a security problem as Confluence within most companies us...

1AI score
Exploits0Affected Software1
nessus
nessus
added 2009/08/03 12:0 a.m.99 views

PCI DSS compliance : options settings

This plugin reports the values of a few important scan settings if PCI DSS compliance checks are enabled. These scan settings are preset based on the scan template you have selected, but in some cases may be overriden. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...

5.5AI score
Exploits0
xssed
xssed
added 2009/07/25 12:0 a.m.14 views

Unfixed XSS vulnerability at www.thesixthaxis.com

Security researcher Max Dietz, has submitted on 25/07/2009 a cross-site-scripting XSS vulnerability affecting www.thesixthaxis.com, which at the time of submission ranked 33891 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/06/2010. It is...

Exploits0References1
zdt
zdt
added 2009/07/24 12:0 a.m.32 views

Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit

Exploit for unknown platform in category web applications =========================================================== Pixaria Gallery 2.3.5 file Remote File Disclosure Exploit =========================================================== ?php iniset"maxexecutiontime",0; printr' || || | || o,7 || . ...

7.1AI score
Exploits0
redhat
redhat
added 2009/05/18 2:57 p.m.5 views

kernel: nfsv4 client can be crashed by stating a long filename

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

4.9CVSS6.1AI score0.00411EPSS
Exploits0References4
zdt
zdt
added 2009/05/18 12:0 a.m.34 views

Jieqi CMS <= 1.5 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================== Jieqi CMS Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 ?php printr'...

7.1AI score
Exploits0
Rows per page
Query Builder