[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

114411

 
 

909

 
 

88812

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 88593 Download | Alert*

The host is installed with PHP and is prone to security bypass vulnerability. A flaw is present is in the extract function in PHP before 5.2.15, which overwrites $GLOBALS and $this when using EXTR_OVERWRITE. Successful exploitation allows context-dependent attackers to bypass intended access restrictions by modifying data structures that are not intended to depend on external input.

The host is installed with PHP and is prone to race condition vulnerability. A flaw is present is in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler has been defined and many concurrent signals are being delivered to it through ext/pcntl leading to a race condition. Successful exploitation allows context-dependent attackers to cause a denial of service (memory corruptio ...

The host is installed with PHP and is prone to integer overflow vulnerability. A flaw is present is in the mt_rand function in PHP before 5.3.4, which always returns PRN - a number less than 0 whenever min is set to 0 and max is set to anything greater than the mt_ version. Successful exploitation allows context-dependent attackers to predict the return values by leveraging a script's use of a lar ...

Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. Packages in the oldstable distribution are not affected by this problem.

Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access.

Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.

language-selector: Language selector for Ubuntu Linux Local users could gain root access via the language-selector.

The host is installed with Adobe Coldfusion and is prone to session fixation vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an unspecified error which will persuade a victim to visit a specially-crafted link and log into the application. Successful exploitation allow remote attackers to hijack web sessions via unspecified vectors.

The host is installed with Adobe Coldfusion and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application 8.0 through 9.0.1 where it fails to properly validate user-supplied input. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via the cfform tag.

The host is installed with Adobe Coldfusion and is prone to unspecified vulnerability. A flaw is present in the application 8.0 through 9.0.1 caused by an error in the ColdFusion administrator console. Successful exploitation allows attackers to obtain sensitive information via unknown vectors.


Pages:      Start    7847    7848    7849    7850    7851    7852    7853    7854    7855    7856    7857    7858    7859    7860    ..   8859

© SecPod Technologies