5 matches found
EUVD-2026-26665
An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened...
PT-2013-1117 · Red Hat +3 · Red Hat Jboss Brms +5
Name of the Vulnerable Software and Affected Versions: Apache Commons FileUpload versions affected versions not specified Red Hat JBoss BRMS version 5.3.1 Red Hat JBoss Portal versions 4.3 CP07, 5.2.2, and 6.0.0 Red Hat JBoss Web Server version 1.0.2 Description: The issue affects the DiskFileIte...
commons-fileupload: Arbitrary file upload via deserialization
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...
commons-fileupload: Arbitrary file upload via deserialization
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...
DEBIAN-CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...