162 matches found
Installer of Baidu IME may insecurely load Dynamic Link Libraries
Overview Installer of Baidu IME contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#82120115: Installer of Douro Kouji Kanseizutou Check Program may insecurely load Dynamic Link Libraries
Installer of Kouji Kanseizutou Check Program provided by National Institute for Land and Infrastructure Management contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user...
JVN#23389212: Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries
Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the...
Installer of SaAT Personal may insecurely load Dynamic Link Libraries
Overview The installer of SaAT Personal provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. DigiGnome reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...
Reason Core Security v1.2.0.1 - Path Privilege Escalation
Document Title: =============== Reason Core Security v1.2.0.1 - Path Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2003 Release Date: ============= 2016-11-14 Vulnerability Laboratory ID VL-ID: ====================================...
Intel(R) HD Graphics 10.18.10.4358 Privilege Escalation
===================================================== Exploit Title : IntelR HD Graphics - Unquoted Service Path Privilege Escalation Date Discovered : 2016-10-14 Affected Products: Intel Atom Product: IntelR HD Graphics - Software 10.18.10.4358 Exploitation Technique: Local Severity Level: Mediu...
Intel(R) HD Graphics 10 - Path Privilege Escalation
Document Title: =============== IntelR HD Graphics 10 - Path Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1981 Release Date: ============= 2016-11-02 Vulnerability Laboratory ID VL-ID: ==================================== 1981...
The installer of e-Tax Software may insecurely load Dynamic Link Libraries
Overview The installer of e-Tax Software provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the...
Restore Fails for Database with Consecutive Backslash Characters in File Path
Challenge Veeam Explorer for Microsoft SQL Server reports the error: Inconsistent database metadata. See the log for details. Cause One or more database file paths contained multiple consecutive backslash characters when the SQL server was backed up. Solution Clarifying Issue This issue cannot be...
CVE-2016-0947
CVE-2016-0947 is an untrusted search path vulnerability in Adobe Download Manager as used by Adobe Reader and Acrobat . Affected products include Windows and macOS versions: after older builds, specifically before 11.0.14 and before 15.006.30119 (Acrobat/Acrobat Reader DC Classic) and before 15.0...
CVE-2015-3145
The sanitizecookiepath function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service out-of-bounds write and crash or possibly have other unspecified impact via a cookie path containing only a double-quote...
Foxit Reader 7.0.6.1126 Privilege Escalation
Foxit Reader 7.0.6.1126 Unquoted Service Path Elevation Of Privilege Vendor: Foxit Software Incorporated Product web page: http://www.foxitsoftware.com Affected version: 7.0.6.1126 and 6.1 Summary: Foxit Reader is a small, lightning fast, and feature rich PDF viewer which allows you to create...
Nortel Networks Optivity NETarchitect 2.0 PATH Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/907/info NETarchitect is an application for simplifying the task of designing and deploying complex switched network system configurations, produced by Nortel Networks and usually shipped with the Optivity Network...
Mandriva Update for lsb-release MDVA-2011:004 (lsb-release)
Check for the Version of lsb-release OpenVAS Vulnerability Test Mandriva Update for lsb-release MDVA-2011:004 lsb-release Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora 13 : gromacs-4.5.2-2.fc13 (2010-17256)
Fix upgrade path issue caused by branching of libs. Upgrade to 4.5.2, fixing CVE-2010-4001 and a bunch of other bugs. See full release notes at http://www.gromacs.org/AboutGromacs/ReleaseNotes/Versions4.5.x . Note that Tenable Network Security has extracted the preceding description block directl...
Sleipnir and Grani may insecurely load dynamic libraries
Overview Sleipnir and Grani may use unsafe methods for determining how to load DLLs. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurel...
CVE-2008-2613
Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is an...
PT-2006-7152 · Rad · Radupload
Name of the Vulnerable Software and Affected Versions: Rad Upload version 3.02 Description: A remote file inclusion issue exists due to the handling of the save path parameter in the upload.php file. This could potentially allow remote attackers to execute arbitrary PHP code by providing a URL in...
Microsoft Windows NT2000 - cmd.exe CD Buffer Overflow (PoC)
Microsoft Windows NT2000 - cmd.exe CD Buffer Overflow PoC source: https://www.securityfocus.com/bid/6829/info The Windows NT and 2000 command prompt cmd.exe does not properly handle paths containing more than 256 characters. If the cd change directory command is used to change to a subdirectory...
Kaspersky Antivirus DoS
Title: Kaspersky Antivirus DoS Author: ZARAZA Affected: Kaspersky Antivirus 4.0.9.0 Server and Workstation version on Windows NT 4.0 and Windows 2000. Vendor: Kaspersky Lab Date: January, 30 2003 Risk: Average Exploitable: Yes Remote: Yes for server versions Vendor Notified: January, 30 2003 I...