writing software vulnerabilities
vulnerabilities.aspcode.net
Searching writing software vulnerabilities
WFTPD and WFTPD Pro 2.41 allows remote attacker
WFTPD
|
Pro
|
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).
Apache before 1.3.24, when writing to the log f
before
|
Apache
|
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
The code for writing reg files in Samba before
writing
|
before
|
Samba
|
files
|
code
|
reg
|
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
The syssgi SGI_IOPROBE system call in IRIX 6.5.
SGI_IOPROBE
|
system
|
syssgi
|
IRIX
|
call
|
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.
The Javascript engine in Safari 1.2 and earlier
Javascript
|
attackers
|
earlier
|
service
|
denial
|
remote
|
Safari
|
engine
|
allows
|
cause
|
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.
Prevx Home 1.0 allows local users with adminstr
\device\physicalmemory
|
ServiceTable
|
adminstrator
|
privileges
|
prevention
|
intrusion
|
restores
|
directly
|
original
|
kernel's
|
features
|
running
|
writing
|
allows
|
bypass
|
Prevx
|
users
|
which
|
local
|
Home
|
SDT
|
Prevx Home 1.0 allows local users with adminstrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable.
lppasswd in CUPS 1.1.22 does not remove the pas
lppasswd
|
CUPS
|
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
SalesLogix 6.1 uses client-specified pathnames
client-specified
|
authenticated
|
SalesLogix
|
arbitrary
|
pathnames
|
certain
|
execute
|
writing
|
remote
|
create
|
users
|
which
|
files
|
allow
|
might
|
code
|
uses
|
via
|
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
Kerio Personal Firewall 4.0 (KPF4) allows local
Firewall
|
Personal
|
Kerio
|
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable.
Extcompose in metamail does not verify the outp
Extcompose
|
arbitrary
|
overwrite
|
metamail
|
writing
|
symlink
|
allows
|
before
|
verify
|
attack
|
output
|
files
|
users
|
which
|
local
|
does
|
file
|
not
|
via
|
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
The Javascript engine in Opera 7.23 allows remo
Javascript
|
engine
|
Opera
|
The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array.
Buffer overflow in elogd.c in elog before 2.5.7
overflow
|
before
|
elogdc
|
Buffer
|
elog
|
Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file.
The ftdi_sio driver (usb/serial/ftdi_sio.c) in
ftdi_sio
|
driver
|
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.
The jail rc.d script in FreeBSD 5.3 up to 6.2 d
/var/log/consolelog
|
mount/unmount
|
unmounted
|
pathnames
|
overwrite
|
arbitrary
|
start-up
|
symlink
|
systems
|
mounted
|
outside
|
writing
|
FreeBSD
|
script
|
allows
|
during
|
attack
|
verify
|
users
|
files
|
which
|
local
|
jail
|
file
|
root
|
does
|
not
|
rcd
|
via
|
The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.
Integer underflow in the DecodeGRE function in
src/decodec
|
DecodeGRE
|
underflow
|
function
|
Integer
|
Snort
|
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.
Mozilla based browsers, including Firefox befor
including
|
browsers
|
Firefox
|
Mozilla
|
before
|
based
|
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Mozilla Firefox might allow remote attackers to
attackers
|
phishing
|
spoofing
|
conduct
|
writing
|
attacks
|
Firefox
|
Mozilla
|
remote
|
might
|
allow
|
Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to an about:blank tab and overlaying the location bar.
Parallels Desktop for Mac before 20070216 imple
Parallels
|
Desktop
|
before
|
Mac
|
Parallels Desktop for Mac before Friday, February 16, 2007 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory.
The embedded Internet Explorer server control i
Messenger
|
Explorer
|
embedded
|
Internet
|
Instant
|
control
|
server
|
AOL
|
The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML functionality for incoming instant messages, which allows remote attackers to place HTML into unexpected contexts or execute arbitrary code, as demonstrated by writing arbitrary HTML to a notification window, and writing contents of arbitrary local image files to this window via IMG SRC.
Off-by-one error in the ReadBlobString function
context-dependent
|
ReadBlobString
|
out-of-bounds
|
ImageMagick
|
Off-by-one
|
attackers
|
character
|
arbitrary
|
function
|
triggers
|
crafted
|
writing
|
address
|
execute
|
allows
|
before
|
which
|
error
|
blobc
|
image
|
635-9
|
code
|
file
|
'\0'
|
via
|
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
Software vulnerabilities results 1 to 20 of 32
Page:
1
2
►