Lucene search
K

3051 matches found

0day.today
0day.today
added 2005/01/11 12:0 a.m.20 views

MS Windows Improper Token Validation Local Exploit (working)

Exploit for unknown platform in category local exploits ============================================================ MS Windows Improper Token Validation Local Exploit working ============================================================ / Removed include "stdafx.h" / str0ke / include include defi...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2005/01/11 12:0 a.m.43 views

Microsoft Windows - Improper Token Validation Privilege Escalation

/ Removed include "stdafx.h" / str0ke / include include define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLine; int mainint argc, char argv HANDLE hToken,hThread; HMODULE hMsi ...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/12/22 5:0 a.m.19 views

CVE-2004-1149

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions ACLs, which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe...

6.6AI score0.0041EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/12/15 12:0 a.m.49 views

Microsoft Security Bulletin MS04-044 Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

Microsoft Security Bulletin MS04-044 Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege 885835 Issued: December 14, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Elevation of Privilege Maximum...

7.2CVSS0.9AI score0.03629EPSS
Exploits1
securityvulns
securityvulns
added 2004/12/02 12:0 a.m.72 views

Microsoft Security Bulletin MS04-040 Cumulative Security Update for Internet Explorer (889293)

Microsoft Security Bulletin MS04-040 Cumulative Security Update for Internet Explorer 889293 Issued: December 1, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...

10CVSS0.6AI score0.67061EPSS
Exploits4
securityvulns
securityvulns
added 2004/02/03 12:0 a.m.81 views

Microsoft Security Bulletin MS04-004

Microsoft Security Bulletin MS04-004 Cumulative Security Update for Internet Explorer 832894 Issued: February 2, 2004 Version: 1.0 Summary Who should read this document: Customers who are using Microsoft® Internet Explorer Impact of vulnerability: Remote Code Execution Maximum Severity Rating:...

10CVSS8.3AI score0.39211EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2004/01/15 12:0 a.m.18 views

Free Community Detection

Free Community is installed on the remote host. This is an adware program that monitors web traffic, and replaces banner advertisements with advertisements of its choosing. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12014; scriptversion"1.15";...

5.5AI score
Exploits0References1
NVD
NVD
added 2003/07/24 4:0 a.m.20 views

CVE-2003-0359

nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code...

4.6CVSS6.2AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2003/06/16 4:0 a.m.16 views

CVE-2003-0365

ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs...

4.6CVSS6.6AI score0.00312EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/05/29 12:0 a.m.227 views

ICQLite executable trojaning

bugtraq@, Title: ICQ Lite executable trojaning Affected: ICQLite 2003a Vendor: ICQ Inc Vendor URL: http://www.icq.com Risk: Average Exploitable: Yes Remote: No Date: May, 29 2003 Advisory URL: http://www.security.nnov.ru/advisories/icqlite.asp I. Intro: ICQ Lite is popular internet messenger...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2003/04/23 12:0 a.m.14 views

SAP Database 7.37.4 - SDBINST Race Condition

SAP Database 7.37.4 - SDBINST Race Condition source: https://www.securityfocus.com/bid/7421/info SAP Database SDBINST has been reported prone to a race condition vulnerability. It has been reported that the SAP Database install tool SDBINST may perform operations non-atomically when installing th...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/11/18 12:0 a.m.9 views

TFTPD32 2.50 - Arbitrary File DownloadUpload

TFTPD32 2.50 - Arbitrary File DownloadUpload source: https://www.securityfocus.com/bid/6198/info A vulnerability has been discovered in Tftpd32 which allows a remote attacker to download and upload arbitrary system files. The ability to upload system files may allow an attacker to replaced key...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/09/27 12:0 a.m.54 views

3Com® HomeConnect® Cable Modem Denial of Service

INFO: ====================================================== object class Failure to Handle Exceptional Conditions remote Yes local No vulnerable: 3Com® HomeConnect® Cable Modem External with USB 3CR29223 -- DISCONTINUED Not Tested: 3CR29223-A -- DISCONTINUED DISCUSSION:...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2001/01/10 12:0 a.m.41 views

Advisory: PGP 7.0 signature verification vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Product: Pretty Good Privacy Severity: Medium to high Impact: Users with write access to signed exported key blocks may replace them with arbitrary keys without any warning being issued upon import of those keys Local: Yes Remote: No though...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2000/08/12 12:0 a.m.29 views

VariCAD 7.0 premission vulnerability

Content-Type: premission/vulnerability Date : 10/08/2000 18:34 Sender : Narrow [email protected] Subject : VariCAD 7.0 premission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-07 DESCRIPTION VariCAD is a CAD for mechanical engineering for both 2D and 3D. VariCAD 7.0 is shipped with Re...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2000/05/25 12:0 a.m.20 views

Omnis Studio 2.4 - Weak Database Field Encryption

Omnis Studio 2.4 - Weak Database Field Encryption source: https://www.securityfocus.com/bid/1255/info Omnis Studio 2.4 is a development tool for creating database applications. The tool gives developers the option to encrypt database entries. However, the encryption scheme used is weak and easily...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/05/05 12:0 a.m.44 views

Проблемы с eToken

При наличии физического доступа к устройству возможно подменить PIN/ключ доступа путем перепрошивки EPROM...

0.6AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/03/22 5:0 a.m.18 views

CVE-1999-0998

Cisco Cache Engine allows an attacker to replace content in the cache...

6.5AI score0.01306EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2000/02/25 12:0 a.m.35 views

ssh-xauth.txt

The default SSH configuration for SSH1 and SSH2 allow for remote controlling of X sessions through X forwarding. All children of the SSH connection are able to tunnel X11 sessions through the X tunnel to the client X11 session. This is accomplished by running xauth upon logging in. If xauth is...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2000/01/01 12:0 a.m.6 views

KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021

KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021 Summary This update makes improvements to Setup binaries or any files that Setup uses for feature updates in Windows 10, version 2004 and 20H2. How to get this update This update is available through Windows...

6.9AI score
Exploits0
Rows per page
Query Builder