Смотрите также связанные темы
14.08.2018 CVE-2008-3699
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
10.09.2018 CVE-2008-4018
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.
03.10.2018 CVE-2008-4440
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on a temporary file.
23.10.2018 CVE-2008-4728
Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
31.12.2018 Insecure Temporary File Usage Vulnerability in Sun SNMP Management Agent
An insecure temporary file vulnerability in the Sun Simple Network Management Protocol (SNMP) Management Agent may allow a local unprivileged user to overwrite any system file or gain root privileges.
27.01.2018 CVE-2009-0313
winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file.
14.02.2018 AIX at information disclosure vulnerability
A local attacker may exploit this error to read any file on the system because the command is setuid root.
28.04.2018 HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1SUPPORT COMMUNICATION - SECURITY BULLETINDocument ID: c01723303Version: 1HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary CodeNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.Release Date: 2009-04-27Last Updated: 2009-04-27Potential Security Impact: Remote execution of arbitrary codeSource: Hewlett-Packard Company, HP Software Security Response TeamVULNERABILITY SUMMARYA potential vulnerability has been identified with HP OpenView Network Node Man...
22.06.2018 CVE-2009-2169
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
03.03.2018 CVE-2010-0156
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
|
