CVE-2009-1171 (moodle) The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a “$$” sequence, which causes LaTeX to include the contents of the file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171
Posts Tagged ‘User-Assisted’
1063 (exescope)
CVE-2009-1063 (exescope) Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1063
1104 (java)
CVE-2009-1104 (java) The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended [...]
1105 (java)
CVE-2009-1105 (java) The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1105
User-assisted execution of arbitrary code
Bugtraq: [ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code [ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code URL: http://www.securityfocus.com/archive/1/502090
User-assisted execution of arbitrary code
[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code <!– Envelope-to: email@address Delivery-date: Tue, 24 Mar 2009 15:38:03 +0000 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1Lm8hX-0006hl-BJ for email@address; Tue, 24 Mar 2009 15:38:03 +0000 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 0E70B2370F9; Tue, 24 [...]
Amarok: User-assisted execution of arbitrary code
Bugtraq: [ GLSA 200903-34 ] [ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code URL: http://www.securityfocus.com/archive/1/502035
User-assisted execution of arbitrary code
[ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code Posted by Tobias Heinlein on Mar 20 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – Gentoo Linux [...]
1040 (winasm_studio)
CVE-2009-1040 (winasm_studio) Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1040
1022 (gom_encoder)
CVE-2009-1022 (gom_encoder) Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1022
