Searching shared software vulnerabilities

By design, Maximizer Enterprise 4 calendar and

Enterprise | arbitrary | Maximizer | calendar | program | address | design | modify | shared | allows | being | other | users | book |

By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared.


Operating systems with shared memory implementa

implementations | Operating | conduct | systems | service | bypass | limits | shared | memory | denial | based | allow | code | user | BSD |

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.


The Lucent Closed Network protocol can allow re

transmitted | attackers | networks | protocol | 'Network | Network | secret | access | shared | remote | Closed | Lucent | clear | Name' | which | allow | used | SSID | they | join | have | can | not |

The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear.


Buffer overflow in digest calculation function

implementations | calculation | arbitrary | attackers | overflow | possibly | function | multiple | execute | service | secret | shared | Buffer | allows | RADIUS | digest | denial | remote | cause | data | code | via |

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.


The System V (SYS5) shared memory implementatio

System |

The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.


Vulnerability in the MIT-SHM extension of the X

Vulnerability | extension | MIT-SHM | server | Linux |

Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.


PowerChute plus 5.0.2 creates a "Pwrchute" dire

PowerChute | plus |

PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.


Next Generation POSIX Threading (NGPT) 1.9.0 us

Generation | Threading | POSIX | Next |

Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.


Unknown vulnerability in Apple File Service (AF

vulnerability | Service | Unknown | Apple | File |

Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files.


IBM DB2 7.1 and 8.1 allow the bin user to gain

privileges | libraries | modifying | programs | setuid | shared | allow | used | user | gain | root | IBM | DB2 | bin |

IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.


login_radius on OpenBSD 3.2, 3.5, and possibly

authentication | login_radius | attackers | response | spoofing | possibly | versions | replies | OpenBSD | allows | server | bypass | remote | secret | shared | packet | RADIUS | verify | which | other | does | not |

login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies.


PostgreSQL (pgsql) 7.4.x, 7.2.x, and other vers

PostgreSQL |

PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.


SafeNet SoftRemote VPN Client stores the VPN pa

SoftRemote | password | SafeNet | stores | Client | VPN |

SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.


VMware before 4.5.2.8848-r5 searches for gdk-pi

world-writable | gdk-pixbuf | 4528848-r5 | arbitrary | libraries | temporary | directory | includes | rrdharan | searches | execute | before | allows | shared | VMware | users | local | using | which | code | path |

VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code.


Qt before 3.3.4 searches the BUILD_PREFIX direc

before |

Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.


Firefox, when opening Microsoft Word documents,

applications | permissions | arbitrary | attackers | documents | Microsoft | properly | sections | Firefox | opening | allows | Office | remote | shared | write | which | data | open | Word | does | set | not |

Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | Multiple | remote | file | PHP |

Multiple PHP remote file inclusion vulnerabilities in (1) shared/header.php and (2) shared/help.php in OpenBiblio before 0.5.2 allow remote attackers to execute arbitrary PHP code via unspecified vectors.


Cisco Clean Access (CCA) 3.6.x through 3.6.4.2

Access | Clean | Cisco |

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.


Format string vulnerability in the write_html f

calendar/gui/e-cal-component-memo-previewc | vulnerability | write_html | Evolution | function | Shared | Format | string | Memo |

Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo.


Directory traversal vulnerability in the Shared

vulnerability | Workstation | Directory | traversal | feature | Folders | before | Shared | VMware |

Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4, when a folder is shared, allows users on the guest system to write to arbitrary files on the host system via the "Backdoor I/O Port" interface.


Software vulnerabilities results 1 to 20 of 81     
Page: 12345