The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS...
Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Date published : 2011-01-24 http://www.securityfocus.com/bid/45945 http://help.lunascape.tv/LunascapeHelp-en/page.aspx?pageid=ver_6_4_11
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges...
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users...
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain...
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive...
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users...
The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data,...
Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated...
Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard...
The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via...
CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the network for transmissions of Java...
Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long string in a...
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML...