35 matches found
EUVD-2007-4944
Malware in sbrugna...
EUVD-2007-4943
Malware in sbrugna...
EUVD-2010-5212
Malware in sbrugna...
EUVD-2007-4945
Malware in sbrugna...
CVE-2010-5253
Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file. NOTE: some of these details are obtained from third party information...
WinImage DLL Hijacking
Hi @ll, the executable installer winima90.exe and previous versions available from loads and executes CRTdll.dll, UXTheme.dll, RichEd32.dll and WindowsCodecs.dll from its "application directory". Self-extracting executables created with WinImage load and execute CRTdll.dll, UXTheme.dll and MPR.dl...
WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite
No description provided by source. source: http://www.securityfocus.com/bid/25687/info WinImage is prone to a denial-of-service vulnerability and a directory-traversal vulnerability because the application fails to adequately sanitize user-supplied input. Attackers can exploit these issues to cau...
WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field DoS
No description provided by source. source: http://www.securityfocus.com/bid/25687/info WinImage is prone to a denial-of-service vulnerability and a directory-traversal vulnerability because the application fails to adequately sanitize user-supplied input. Attackers can exploit these issues to cau...
CVE-2010-5253
Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file. NOTE: some of these details are obtained from third party information...
Design/Logic Flaw
Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file. NOTE: some of these details are obtained from third party information...
CVE-2010-5253
Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file. NOTE: some of these details are obtained from third party information...
CVE-2010-5253
CVE-2010-5253 affects WinImage 8.50. A local untrusted search path vulnerability arises from a Trojan horse wnaspi32.dll placed in the current working directory, demonstrated via a directory containing an .imz file. The description notes third-party sources for some details. No exploitation statu...
WinImage 8.10 vulnerabilities
Team Vexillium Security Advisory http://vexillium.org/ Name : WinImage 8.10 Multiple Vulnerabilities Class : Denial of Service and Directory Traversal Threat level : LOW DoS, MED Dir. traversal vuln Discovered : 2007-08-31 Published : 2007-09-15 Credit : j00ru//vx Vulnerable : WinImage 8.10,...
Directory traversal
Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...
CVE-2007-4964
WinImage 8.10 and earlier allows remote attackers to cause a denial of service infinite loop via an invalid BPBBytsPerSec field in the header of a .IMG file...
Directory traversal
Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. dot dot in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder...
Code injection
WinImage 8.10 and earlier allows remote attackers to cause a denial of service infinite loop via an invalid BPBBytsPerSec field in the header of a .IMG file...
CVE-2007-4963
Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...
CVE-2007-4962
Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. dot dot in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder...
CVE-2007-4963
Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...