Skip to content

Home Early Warning System Issues
Issues
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE
Thursday, 29 October 2015 11:23

Mozilla's (executable) full setup packages for Windows allow arbitrary code execution resp. escalation of privilege: their SETUP.EXE loads SHFOLDER.DLL ['] from a temporary (sub)directory "%TEMP%\7zS.tmp\" created during self-extraction of the full setup packages. Avoid using executables for installation except the native installer package format of the resp. target OS.

Detail infomation about this vulnerability

 
Western Digital Self-Encrypting Hard Drive Crypto Fail
Tuesday, 20 October 2015 16:45

Western Digital self-encrypting hard drives suffer from having an extractable AES key that can be used to decrypt all data. No patch is available currently. Source & Details

 
LibreSSL Leak / Overflow
Monday, 19 October 2015 16:13

Various vulnerabilities are discovered in all versions of LibreSSL. These include a memory leak and a buffer overflow. Details can be found in here.

 
Blat.exe v2.7.6 SMTP / NNTP Mailer Buffer Overflow
Friday, 16 October 2015 16:01

blat.exe is a Win32 is a command line eMail tool that sends eMail using SMTP or post to usenet using NNTP.An older release of blat.exe v2.7.6 is prone to a stack based buffer overflow when sending malicious command line arguments.

 
HP SiteScope Input Validation Flaw in DNS Tool Lets Local Users Obtain System Privileges
Thursday, 15 October 2015 15:46

A vulnerability was reported in HP SiteScope. A local user can gain system privileges on the target system. No solution was available at the time of this entry.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 10 of 141
[YOUR IP : 54.234.75.144: 36320] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...