23 matches found
EUVD-2005-1170
Malware in sbrugna...
EUVD-2005-1188
Malware in sbrugna...
EUVD-2005-1171
Malware in sbrugna...
EUVD-2005-1189
Malware in sbrugna...
CVE-2005-1167
Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information...
CVE-2005-1168
DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite arbitrary files via the bstrSavePath argument...
CVE-2005-1185
Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe...
CVE-2005-1186
Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting XSS attacks...
CVE-2005-1186
Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting XSS attacks...
CVE-2005-1185
CVE-2005-1185 describes an unquoted Windows search path vulnerability in MusicMatch Jukebox versions up to 10.00.2047. Local users can gain privileges by placing a malicious C:\program.exe that is executed by MMFWLaunch.exe when it runs launch.exe. Affected software/function: MusicMatch Jukebox (...
CVE-2005-1186
The CVE-2005-1186 entry affects Musicmatch Jukebox 10.00.2047 and earlier. The root cause is that the software adds the musicmatch.com domain to the Internet Explorer Trusted Sites zone, which can enable unauthorized activities within a domain and is demonstrated via cross-site scripting (XSS) at...
CVE-2005-1185
Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe...
CVE-2005-1168
DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite arbitrary files via the bstrSavePath argument...
CVE-2005-1168
CVE-2005-1168 affects MusicMatch (DiagCollectionControl.dll) in version 10.00.2047 and earlier. The vulnerability allows remote attackers to overwrite arbitrary files via the bstrSavePath argument, exposing a network-exploitable path with no authentication and compromising integrity (per NVD: AV:...
CVE-2005-1167
Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information...
CVE-2005-1167
Technical details about CVE-2005-1167 are not publicly provided in the supplied documents. The materials only note that Musicmatch 10.00.2047 and earlier store logs in Program Files; no affected versions, exploit info, or fixes are listed. Monitor for updates.
Multiple Musicmatch Jukebox bugs
Unauthorized files access, information leak...
Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
Hyperdose Security Advisory Name: Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch Systems Affected: Musicmatch v10.00.2047 or earlier according to Yahoo v9.00.5059 and earlier are also affected Severity: Moderate Author: Robert Fly - [email protected] Advisory URL:...
Improper log file storage in Musicmatch software
Hyperdose Security Advisory Name: Improper Log file storage in Musicmatch software Systems Affected: Musicmatch v10.00.2047 or earlier according to Yahoo v9.00.5059 and earlier are also affected Severity: Moderate Author: Robert Fly - [email protected] Advisory URL:...
Arbitrary file overwrite possible by Musicmatch ActiveX control
Hyperdose Security Advisory Name: Arbitrary file overwrite in Musicmatch Systems Affected: Musicmatch v10.00.2047 or earlier according to Yahoo v9.00.5059 and earlier are also affected Severity: Important Author: Robert Fly - [email protected] Advisory URL:...