18 matches found
EUVD-2004-1395
Malware in sbrugna...
EUVD-2006-4788
Malware in sbrugna...
CVE-2006-4866
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument...
Roxio Toast 7 DejaVu Component PATH Variable Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search path for external applications tha...
CVE-2006-4866
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument...
CVE-2006-4866
CVE-2006-4866: Buffer overflow in Apple OS X kextload (used by TDIXSupport in Roxio Toast Titanium) can allow a local user to execute arbitrary code via a long extension argument. Exploitation is local with low complexity and no authentication; CVSS notes partial impact to confidentiality, integr...
CVE-2006-4801
Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavumanual.rb, which are executed with raised privileges...
CVE-2006-4801
CVE-2006-4801 describes a race condition in Deja Vu, used in Roxio Toast Titanium 7 (and possibly other products), where temporary files (including dejavu_manual.rb) are executed with elevated privileges, allowing local users to execute arbitrary code. The details specify a local-privilege-elevat...
Roxio Toast 7 privilege escalation
External applications are launched with relative path...
[Full-disclosure] [NETRAGARD-20060822 SECURITY ADVISORY] [ APPLE COMPUTER CORPORATION KEXTLOAD VULNERABILITY + ROXIO TOAST TITANUM 7 HELPER APP - LOCAL ROOT COMROMISE]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C Advisory Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." About Netragard - ---------------------------------------------------------------------- Netragar...
ROXIO_RACE_NETRAGARD-20060624.txt
Netragard, L.L.C Advisory 09/11/2006 Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." About Netragard ---------------------------------------------------------------------- Netragard is a unique I.T. Security company...
[Full-disclosure] [NETRAGARD-20060624 SECURITY ADVISORY] [ ROXIO TOAST 7 TITANIUM LOCAL ROOT COMPROMISE - DEJA VU RACE CONDITION]
Netragard, L.L.C Advisory 09/11/2006 Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." About Netragard ---------------------------------------------------------------------- Netragard is a unique I.T. Security company...
Roxio Toast 7 - DejaVu Component PATH Variable Privilege Escalation
Roxio Toast 7 - DejaVu Component PATH Variable Privilege Escalation source: https://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search...
[Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C. -- Vulnerability Research and Exploitation Team www.netragard.com Advisory Information - ---------------------------------------------------------------------- Contact: : Adriel T. Desautels Advisory ID : NETRAGARD-20060624 Product...
Roxio Toast 7 - DejaVu Component PATH Variable Privilege Escalation
source: https://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search path for external applications that are called by setuid programs th...
CVE-2004-1398
CVE-2004-1398 describes a format string vulnerability in prelink.c within kextload on Apple OS X, used by TDIXSupport in Roxio Toast Titanium and possibly other products. The underlying issue arises from format string specifiers in the extension argument, enabling local users to execute arbitrary...
Roxio Toast format string bug
TDIXSupport suid application format string bug...
Possible local root vulnerability in Roxio Toast on Mac OS X
Possible local root vulnerability in Roxio Toast on Mac OS X By fintler [email protected] Summary: There is a format string bug in the binary /Library/Application Support/Roxio/TDIXSupport. It is installed suid root by default and may be exploited by finding the offset and overwriting the stack...