Смотрите также связанные темы
14.08.2018 CVE-2008-3699
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
10.09.2018 CVE-2008-4018
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.
03.10.2018 CVE-2008-4440
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on a temporary file.
23.10.2018 CVE-2008-4728
Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
31.12.2018 Insecure Temporary File Usage Vulnerability in Sun SNMP Management Agent
An insecure temporary file vulnerability in the Sun Simple Network Management Protocol (SNMP) Management Agent may allow a local unprivileged user to overwrite any system file or gain root privileges.
27.01.2018 CVE-2009-0313
winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file.
22.06.2018 CVE-2009-2169
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
09.12.2018 2009-12-08 - [slackware-security] kernel (SSA:2009-342-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2009-342-01) New Linux kernel packages are available for Slackware 13.0 and -current to address a security issue. A kernel bug discovered by David Ford may allow remote attackers to crash the kernel by sending an oversized IP packet. While the impact on ordinary servers is still unclear (the problem was noticed while running openvasd), we are issuing these kernel packages as a preemptive measure. For more information, see: http://cve.mitre.o...
16.12.2018 CVE-2009-4325
The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers."
03.03.2018 CVE-2010-0156
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
|
