EUVD-2012-5231

Malware in sbrugna...

Microsoft Windows: Service: Problem Reports and Solutions Control Panel Support

The service SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109268";...

abrt: does not validate contents of uploaded problem reports

It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other...

abrt: does not validate contents of uploaded problem reports

It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other...

CVE-2012-5308

Cross-site request forgery CSRF vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users for requests that create problem reports via a getReportProblem upload action...

CVE-2012-5308

Cross-site request forgery CSRF vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users for requests that create problem reports via a getReportProblem upload action...

CVE-2012-5308

The CVE-2012-5308 entry concerns IBM Lotus Notes Traveler (servlet/traveler) with a CSRF vulnerability that, through to version 8.5.3.3 Interim Fix 1, allows remote attackers to hijack the authentication of arbitrary users via requests that create problem reports using a getReportProblem upload a...