CVE-2007-0732

Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to the Mach task port."...

CVE-2007-0732

CVE-2007-0732 affects Apple Mac OS X 10.4–10.4.9, via the CoreServices/CarbonCore subsystem. The vulnerability is a local privileges escalation caused by an unspecified flaw that allows a local user to obtain a send right to the Mach task port, enabling elevation of privileges. Affected component...

Internet cafe management software reproduction of vulnerability-vulnerability warning-the black bar safety net

Internet cafe management software is again exposed with the accounting loopholes, and this vulnerability than six months ago that the more concealed, by the operation, can achieve one hour of money for unlimited Internet access. Reported material said, in the stone floor of the bridge all the...

Code injection

snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter...

USN-395-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...

iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability

Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability iDefense Security Advisory 12.01.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 01, 2006 I. BACKGROUND Novell Inc's ZENworks is a set of tools used to automate IT management and business processes across...

MS Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)

No description provided by source. / HOD-ms04022-task-expl.c: MS04-022 Microsoft Windows XP Task Scheduler .job Universal Exploit Exploit version 0.1 coded by .:: houseofdabus ::. at inbox dot ru ------------------------------------------------------------------- Tested on: - Internet Explorer 6....

CVE-2006-4392

The Mach kernel, as used in operating systems including 1 Mac OS X 10.4 through 10.4.7 and 2 OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task addre...

Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit

Exploit for macOS platform in category local exploits ============================================================= Mac OS X include include include extern booleant excservermachmsgheadert , machmsgheade...

Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation

/ excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorized processes do not retain control o...

Simple manual to create the ultimate Trojan horse—talk for some back door of the simple modifications-vulnerability warning-the black bar safety net

First talk about the Radmin That Radmin was a good thing, I also recently discovered this stuff benefits, such as not to be killed, management is very convenient, speed is also very fast, simple configuration...... Anyway, I see a lot of the Administrator's selection of this. Although is a good...

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

CVE-2006-4092

Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then...

CVE-2006-4092

Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then...

Simpliciti Locked Browser Jail Breakout Vulnerability

Simpliciti Locked Browser Jail Breakout Vulnerability ESRL Discovery Date: March 20, 2006 Discovery By: Adam Baldwin [email protected] Versions Effected: All versions Background: Simpliciti Locked Browser is a product that provides "no-programming required PC lockdown..." functionality f...

CVE-2006-3958

Multiple unspecified cross-site scripting XSS vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via 1 the Search Tasks system, or authenticated users via 2 the Edit Task system, 3 the back-end Category Editor system, and 4 "Pages that display task...

CVE-2006-3958

Multiple unspecified cross-site scripting XSS vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via 1 the Search Tasks system, or authenticated users via 2 the Edit Task system, 3 the back-end Category Editor system, and 4 "Pages that display task...