shortcut software vulnerabilities
vulnerabilities.aspcode.net
Searching shortcut software vulnerabilities
Opera 7.50 and earlier allows remote web sites
Opera
|
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.
Microsoft Windows Internet Explorer 5.5 and 6.0
attackers
|
arbitrary
|
Microsoft
|
Internet
|
shortcut
|
embedded
|
Explorer
|
objects
|
execute
|
Windows
|
script
|
Helper
|
allows
|
remote
|
Shell
|
code
|
uses
|
via
|
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
ArGoSoft FTP Server before 1.4.2.7 allows remot
ArGoSoft
|
Server
|
before
|
FTP
|
ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.
ArGoSoft FTP Server before 1.4.2.8 allows remot
ArGoSoft
|
Server
|
before
|
FTP
|
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
Windows Shell for Microsoft Windows 2000 SP4, X
Microsoft
|
Windows
|
Shell
|
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122.
Windows Shell for Microsoft Windows 2000 SP4, X
Microsoft
|
Windows
|
Shell
|
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
Multiple design errors in Microsoft Internet Ex
Microsoft
|
Internet
|
Multiple
|
Explorer
|
design
|
errors
|
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."
The Find feature in Palm OS Treo smart phones o
information
|
attackers
|
sensitive
|
operates
|
password
|
physical
|
despite
|
feature
|
allows
|
access
|
obtain
|
phones
|
system
|
smart
|
which
|
Find
|
lock
|
Treo
|
Palm
|
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Software vulnerabilities results 1 to 9 of 9
Page:
1