9 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Audacity vulnerability (USN-7211-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7211-1 advisory. Mike Salvatore discovered that Audacity incorrectly handled default permissions of temporary files created by the application. An attacker...
PT-2022-10609 · Unknown · Ansible-Runner
Name of the Vulnerable Software and Affected Versions: ansible-runner version 2.0.0 Description: A flaw was found in ansible-runner where the default temporary files configuration is written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading...
Adobe Premiere Elements Elevation of Privilege Vulnerability
Adobe Premiere Elements is a video editing software. An elevation of privilege vulnerability exists in Adobe Premiere Elements 5.2 and earlier versions. The vulnerability originates from the creation of temporary files in a directory with incorrect permissions. An attacker can exploit the...
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process allows a perpetrator to execute arbitrary code with SYSTEM privileges.
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process for Windows involves the creation of temporary files with insecure permissions. Exploiting this vulnerability allows a hacker to execute arbitrary code with SYSTEM privileges...
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process allows a perpetrator to execute arbitrary code with SYSTEM privileges.
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process for Windows involves the creation of temporary files with insecure permissions. Exploiting this vulnerability allows a hacker to execute arbitrary code with SYSTEM privileges...
CVE-2021-23331
This affects all versions of package com.squareup:connect. The method prepareDownloadFilecreates creates a temporary file with the permissions bits of -rw-r--r-- on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file...
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-88)
Multiple flaws were discovered in the CORBA Common Object Request Broker Architecture implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711 , CVE-2012-1719 It was discovered that the...
RHEL 6 : java-1.7.0-openjdk (RHSA-2012:1009)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1009 advisory. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in...
GLSA-200410-17 : OpenOffice.org: Temporary files disclosure
The remote host is affected by the vulnerability described in GLSA-200410-17 OpenOffice.org: Temporary files disclosure On start-up, OpenOffice.org 1.1.2 creates a temporary directory with insecure permissions. When a document is saved, a compressed copy of it can be found in that directory. Impa...