Searching updater software vulnerabilities

Helix GNOME Updater helix-update 0.5 and earlie

/etc/configd/cshcshrc | /etc/configd/bashrc | /etc/rcconfig | configuration | helix-update | directories | properly | earlier | Updater | system | allows | create | empty | files | users | Helix | GNOME | which | local | does | /tmp | such | not |

Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.


ColdFusion 6.1 Updater 1 places Java .class fil

/WEB-INF/cfclasses | information | ColdFusion | sensitive | attackers | directory | Updater | places | allows | remote | obtain | files | under | which | class | Java | root | web |

ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information.


Unspecified vulnerability in the IIS connector

vulnerability | Unspecified | ColdFusion | Enterprise | Microsoft | connector | attackers | involving | service | request | vectors | Updater | denial | allows | remote | Adobe | using | cause | file | root | JRun | via | web | IIS |

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.


Untrusted search path vulnerability in the wrap

vulnerability | Untrusted | wrapper | scripts | search | path |

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.


Software vulnerabilities results 1 to 5 of 5     
Page: 1