8056 matches found
MS10-100: Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
The Consent User Interface UI component of the remote Windows host does not properly process a registry key that has been set to a specific value. An attacker who can log on locally to the affected system and has the 'Impersonate a client after authentication' user right SeImpersonatePrivilege ca...
Microsoft Windows multiple security vulnerabilities
OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...
Consent User Interface Privilege Escalation Vulnerability (2442962)
This host is missing a critical security update according to Microsoft Bulletin MS10-100. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows Consent User Interface Registry Key Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in Consent User Interface. An attacker can exploit this issue to execute arbitrary code with 'LocalSystem' privileges. Successful exploits will result in the complete compromise of affected computers...
UBUNTU-CVE-2010-4208
Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf...
Joomla Biblioteca 1.0 Beta SQL Injection
Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Name Biblioteca Vendor http://www.cielostellato.info Versions Affected 1.0 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-08-21 X. IND...
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Name Biblioteca Vendor http://www.cielostellato.info Versions Affected 1.0 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net...
Onpub web content management Multiple Vulnerabilty
Exploit for php platform in category web applications ================================================== Onpub web content management Multiple Vulnerabilty ================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\...
Mozilla nsTreeSelection dangling pointer remote code execution vulnerability
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-fre...
Pulling Back the Curtain on Rogue AV Tech Support
We’ve blogged a few times about rogue AV, explaining how search engines have been abused using Black Hat Search Engine Optimization techniques to redirect web surfers to rogue AV websites. Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button. Se...
Fedora Update for gv FEDORA-2010-10642
Check for the Version of gv OpenVAS Vulnerability Test Fedora Update for gv FEDORA-2010-10642 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...
CVE-2010-1757
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document...
CMS control panel v2.0 Edit File Vulnerability
Exploit for php platform in category web applications ============================================== CMS control panel v2.0 Edit File Vulnerability ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...
iRealty PHP Real Estate Script SQL Injection
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: iRealty PHP Real Estate Script PHP Script SQLi Vulnerable Published: 2010-06-08 Vendor url:http://www.worksforweb.com Greetz to:Sid3^effects, MaYur, M4n0j and to all ICW members DESCRIPTION: iRealty Real Estate Script is a...
Newt: User-assisted execution of arbitrary code
Background Newt is a library for displaying text mode user interfaces. Description Miroslav Lichvar reported that Newt is prone to a heap-based buffer overflow in textbox.c. Impact A remote attacker could entice a user to enter a specially crafted string into a text dialog box rendered by Newt,...
CVE-2010-1985
Multiple cross-site scripting XSS vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
Solaris 9 (sparc) : 144323-01
SunOS 5.9: Resource Management User Interface Patch. Date this patch was last updated by Sun : May/03/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc...
Design/Logic Flaw
Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors...
firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...
firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...