13 matches found
Ricoh Printer Drivers - Local Privilege Escalation Exploit
/ This proof of concept code monitors file changes on Ricoh's driver DLL files and overwrites a DLL file before the library is loaded CVE-2019-19363. Written by Pentagrid AG, 2019. Cf. https://pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/...
Stack overflow
Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap VST feature is enabled, allows local users to cause a denial of service service...
CVE-2007-3873
Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap VST feature is enabled, allows local users to cause a denial of service service...
CVE-2007-3873
Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap VST feature is enabled, allows local users to cause a denial of service service...
Design/Logic Flaw
The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST READ access and using ReadDirectoryChangesW to monitor changes of files that d...
CVE-2007-0843
The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST READ access and using ReadDirectoryChangesW to monitor changes of files that d...
CVE-2007-0843
CVE-2007-0843 concerns the ReadDirectoryChangesW API on Windows 2000/XP/2003/Vista. The vulnerability arises because ReadDirectoryChangesW does not check the caller’s permissions for child directories, allowing a user with LIST access to a parent folder to monitor and infer information about file...
CVE-2007-0843
The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST READ access and using ReadDirectoryChangesW to monitor changes of files that d...
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak
Title: Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak Author: 3APA3A, Affected: Microsoft Windows 2000,XP,2003,Vista Exploitable: Yes Type: Remote from local network, authentication required NULL session was not tested. Class: Information leak CVE: Intro: It's very...
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak
Title: Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak Author: 3APA3A, http://securityvulns.com Affected: Microsoft Windows 2000,XP,2003,Vista Exploitable: Yes Type: Remote from local network, authentication required NULL session was not tested. Class: Information leak...
Microsoft Windows ReadDirectoryChangesW information leak
ReadDirectoryChangesW API function doesn't check user's privileges for subtree folders, making it's possible for unprivileged user to gather information about sensitive files...
Microsoft Windows XP2003 - ReadDirectoryChangesW Information Disclosure
Microsoft Windows XP2003 - ReadDirectoryChangesW Information Disclosure // source: https://www.securityfocus.com/bid/22664/info Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker may leverage this issue to gain access to potentially sensitive information...
Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure
// source: https://www.securityfocus.com/bid/22664/info Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker may leverage this issue to gain access to potentially sensitive information about user permissions and accessed files. Information gained may aid in...