Page 15 of 73 results (0.011 seconds)

CVSS: 9.3EPSS: 28%CPEs: 14EXPL: 0

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. Vulnerabilidad sin especificar en el componente PDF distiller en el BlackBerry Attachment Service en BlackBerry Unite! 1.0 SP1 (1.0.1) anterior a bundle 36 y BlackBerry Enterprise Server 4.1 SP3 (4.1.3) a la v4.1 SP5 (4.1.5), permite atacantes remotos asistidos por el usuario ejecutar códigod e su elección a través de un fichero PDF adjunto manipulado. • http://secunia.com/advisories/31092 http://secunia.com/advisories/31141 http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html http://www.kb.cert.org/vuls/id/289235 http://www.securitytracker.com/id?1020505 http://www.vupen.com/english/advisories/2008/2108/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43840 https://exchange.xforce.ibmcloud.com/vulnerabilities/43843 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 4

Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/. Desbordamiento de búfer basado en pila para phgrafx en QNX Momentics (alias RTOS) 6.3.2 y anteriores que permiten a los usuarios locales obtener privilegios a través de un fichero largo .pal del directorio palette/. • https://www.exploit-db.com/exploits/32009 http://secunia.com/advisories/30808 http://securityreason.com/securityalert/3974 http://www.scanit.net/rd/advisories/adv01 http://www.securityfocus.com/archive/1/493816/100/0/threaded http://www.securityfocus.com/bid/30024 http://www.securitytracker.com/id?1020411 http://www.vupen.com/english/advisories/2008/1996/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43542 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 5

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. • https://www.exploit-db.com/exploits/21499 https://www.exploit-db.com/exploits/21501 https://www.exploit-db.com/exploits/21500 http://archives.neohapsis.com/archives/bugtraq/2002-05/0292.html http://www.iss.net/security_center/static/9231.php http://www.securityfocus.com/bid/4901 http://www.securityfocus.com/bid/4902 http://www.securityfocus.com/bid/4903 http://www.securityfocus.com/bid/4904 https://exchange.xforce.ibmcloud.com/vulnerabilities/9232 https://exchange.xforce • CWE-59: Improper Link Resolution Before File Access ('Link Following') •