2 matches found
Symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations in dbdeployer
Impact Users unpacking a tarball through dbdeployer may use a maliciously packaged tarball that contains symlinks to files external to the target. In such scenario, an attacker could induce dbdeployer to write into a system file, thus altering the computer defences. Mitigating factors For the...
Microsoft Security Bulletin (MS00-028)
Microsoft Security Bulletin MS00-028 - -------------------------------------- Procedure Available to Eliminate "Server-Side Image Map Components" Vulnerability Originally Posted: April 21, 2000 Summary ======= A procedure is available to eliminate a security vulnerability affecting several web...