saving software vulnerabilities
vulnerabilities.aspcode.net
Searching saving software vulnerabilities
The Log Viewer function in the Check Point Fire
FireWall-1
|
existence
|
function
|
through
|
Solaris
|
saving
|
allows
|
Viewer
|
'log'
|
files
|
Point
|
Check
|
which
|
does
|
30b
|
GUI
|
SP2
|
not
|
Log
|
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
Pirch and RusPirch, when auto-log is enabled, a
attackers
|
auto-log
|
RusPirch
|
service
|
enabled
|
denial
|
allows
|
remote
|
Pirch
|
cause
|
Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries.
KDE 3.2.x and 3.3.0 through 3.3.2, when saving
32x
|
KDE
|
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
Firefox before 1.0.2 allows remote attackers to
Firefox
|
before
|
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
Smc.exe in My Firewall Plus 5.0 build 1117, and
Firewall
|
Smcexe
|
build
|
Plus
|
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
Mailsite Express allows remote attackers to upl
extensions
|
executable
|
attaching
|
directory
|
accessing
|
attackers
|
"compose
|
Mailsite
|
feature
|
execute
|
sending
|
message
|
Express
|
upload
|
remote
|
saving
|
before
|
allows
|
cache
|
using
|
page"
|
files
|
such
|
then
|
file
|
ASP
|
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
crawl before 4.0.0 does not securely call progr
before
|
crawl
|
crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.
GUI display truncation vulnerability in Mozilla
vulnerability
|
Thunderbird
|
truncation
|
Mozilla
|
display
|
GUI
|
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment.
Genius VideoCAM NB Driver does not drop privile
privileges
|
arbitrary
|
VideoCAM
|
opening
|
allows
|
saving
|
Genius
|
Driver
|
dialog
|
"save
|
users
|
local
|
files
|
which
|
does
|
drop
|
gain
|
as"
|
via
|
not
|
Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog.
Mozilla Firefox 1.x before 1.5 and 1.0.x before
Firefox
|
Mozilla
|
before
|
10x
|
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.
perlpodder before 0.5 allows remote attackers t
metacharacters
|
perlpodder
|
attackers
|
arbitrary
|
executed
|
podcast
|
execute
|
before
|
remote
|
allows
|
saving
|
shell
|
which
|
code
|
file
|
log
|
via
|
URL
|
perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
Multiple stack-based buffer overflows in Lhaz b
stack-based
|
overflows
|
Multiple
|
before
|
buffer
|
Lhaz
|
Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in (1) an LHZ archive, when saving the filename during extraction; and (2) an LHZ archive with an invalid CRC checksum, when constructing an error message.
Yahoo! Messenger for WAP permits saving message
user-assisted
|
JavaScript
|
arbitrary
|
Messenger
|
attackers
|
messages
|
contain
|
permits
|
service
|
online
|
inject
|
script
|
allows
|
saving
|
remote
|
which
|
Yahoo
|
HTML
|
WAP
|
URL
|
web
|
via
|
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service.
SSL VPN Client in Cisco Secure Desktop before 3
Desktop
|
Secure
|
Client
|
before
|
Cisco
|
SSL
|
VPN
|
SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data.
PreviewAction in XWiki 0.9.543 through 0.9.1252
PreviewAction
|
XWiki
|
PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document.
The editprofile3 function in cgi-bin/cgi-lib/us
cgi-bin/cgi-lib/userpl
|
editprofile3
|
web-apporg
|
function
|
before
|
WebAPP
|
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.
Apple Safari for Windows 3.0.3 and earlier does
Windows
|
Safari
|
Apple
|
Apple Safari for Windows 3.0.3 and earlier does not prompt the user before downloading a file, which allows remote attackers to download arbitrary files to the desktop of a client system via certain HTML, as demonstrated by a filename in the DATA attribute of an OBJECT element. NOTE: it could be argued that this is not a vulnerability because a dangerous file is not actually launched, but as of 2007, it is generally accepted that web browsers should prompt users before saving dangerous content.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the save function in Obedit 3.03 allows user-assisted remote attackers to inject arbitrary web script or HTML via unknown vectors, as demonstrated by a SCRIPT element in an unspecified context when saving a document. NOTE: because the details of the attack are uncertain, it is unclear whether this crosses privilege boundaries.
Software vulnerabilities results 1 to 19 of 19
Page:
1