execute software vulnerabilities
vulnerabilities.aspcode.net
Searching execute software vulnerabilities
pcnfsd (aka rpc.pcnfsd) allows local users to c
pcnfsd
|
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
IRIX and AIX automountd services (autofsd) allo
automountd
|
services
|
IRIX
|
AIX
|
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
In older versions of Sendmail, an attacker coul
character
|
attacker
|
commands
|
versions
|
Sendmail
|
execute
|
older
|
could
|
root
|
pipe
|
use
|
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
Guessable magic cookies in X Windows allows rem
attackers
|
Guessable
|
commands
|
execute
|
through
|
cookies
|
Windows
|
allows
|
remote
|
xterm
|
magic
|
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
abuse.console in Red Hat 2.1 uses relative path
abuseconsole
|
pathnames
|
arbitrary
|
commands
|
relative
|
program
|
execute
|
points
|
allows
|
Trojan
|
users
|
horse
|
local
|
undrv
|
which
|
path
|
uses
|
find
|
Red
|
Hat
|
via
|
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
O'Reilly WebSite Pro 2.3.7 installs the uploade
O'Reilly
|
WebSite
|
Pro
|
O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.
DirectoryServices in MacOS X trusts the PATH en
DirectoryServices
|
environment
|
containing
|
directory
|
modifying
|
malicious
|
arbitrary
|
commands
|
variable
|
command
|
program
|
execute
|
trusts
|
locate
|
allows
|
point
|
touch
|
MacOS
|
which
|
users
|
local
|
PATH
|
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.
x11.c in xonix 1.4 and earlier uses the current
arbitrary
|
directory
|
malicious
|
modifying
|
execute
|
program
|
current
|
earlier
|
working
|
allows
|
users
|
point
|
xonix
|
local
|
rmail
|
which
|
find
|
x11c
|
path
|
code
|
uses
|
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
The "Show in Finder" button in the Safari web b
Finder"
|
browser
|
Safari
|
button
|
"Show
|
Mac
|
web
|
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.
gzexe in gzip 1.3.3 and earlier will execute an
gzexe
|
gzip
|
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
Extproc in Oracle 9i and 10g does not require a
authentication
|
arbitrary
|
function
|
commands
|
library
|
execute
|
Extproc
|
require
|
allows
|
Oracle
|
local
|
users
|
which
|
load
|
user
|
does
|
10g
|
not
|
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
Microsoft Windows Internet Explorer 5.5 and 6.0
attackers
|
arbitrary
|
Microsoft
|
Internet
|
shortcut
|
embedded
|
Explorer
|
objects
|
execute
|
Windows
|
script
|
Helper
|
allows
|
remote
|
Shell
|
code
|
uses
|
via
|
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
man2web allows remote attackers to execute arbi
arbitrary
|
attackers
|
arguments
|
commands
|
execute
|
man2web
|
allows
|
remote
|
via
|
man2web allows remote attackers to execute arbitrary commands via -P arguments.
Exponent CMS 0.96.3 and later versions performs
Exponent
|
CMS
|
Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code.
Unspecified vulnerability in PEAR installer 1.4
vulnerability
|
Unspecified
|
installer
|
PEAR
|
Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
The Execute function in iMBCContents ActiveX Co
iMBCContents
|
function
|
Control
|
ActiveX
|
Execute
|
before
|
The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler.
The Touch Control ActiveX control 2.0.0.55 allo
ActiveX
|
Control
|
Touch
|
The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbitrary files via a "file///" URI in the sPath parameter to the Execute function.
The terminal_helper_execute function in termina
terminal_helper_execute
|
terminal/terminalc
|
Terminal
|
function
|
Xfce
|
The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.
The win32std extension in PHP 5.2.3 does not fo
extension
|
win32std
|
PHP
|
The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, which allows remote attackers to execute arbitrary commands via the win_shell_execute function.
A certain ActiveX control in BaiduBar.dll in Ba
BaiduBardll
|
containing
|
arbitrary
|
inclusion
|
involving
|
attackers
|
execute"
|
possibly
|
download
|
execute
|
request
|
ActiveX
|
control
|
certain
|
Search
|
remote
|
allows
|
Baidu
|
file
|
code
|
link
|
Soba
|
via
|
Bar
|
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
Software vulnerabilities results 1 to 20 of 8679
Page:
1
2
3
4
5
...
434
►