replace software vulnerabilities
vulnerabilities.aspcode.net
Searching replace software vulnerabilities
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code.
The find_replen function in jsstr.c in the JavaScript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a JavaScript string via the lambda replace method.
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allow remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2."
zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the preg_replace function.
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attackers to include arbitrary files via the (1) getdate and possibly other parameters used in the replace_files function in search.php and (2) $file variable as used in the parse function in functions/template.php.
The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (executable) modifier.
The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.
Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign (#) characters, "UNION," and "SELECT," which are not filtered by the product, which only checks for "insert," "delete," "update," and "replace."
Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6.
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.
Software vulnerabilities results 1 to 20 of 28