se, since authentication is
> still necessary to trigger them, they have a low impact.
>
> Thanks!
>
>
> Gynvael Coldwind 于2021年5月8日周六 上午12:09写道:
>
>> Hi,
>>
>> I might be missing something, but how are these considered
>> vulnerabilities?
>>
so
> > 2020.06.08-11:19:45.40@0: 776c7000-776d1000 r-xp 00:0c 961
> > /lib/libm-0.9.33.2.so
> > 2020.06.08-11:19:45.40@0: 776d3000-776db000 r-xp 00:0c 950
> > /lib/libubox.so
> > 2020.06.08-11:19:45.40@0: 776dc000-776df000 r-
Hi there,
It's the same with spaces btw (see also James Forshaw's mention of this in
his post [1]):
>echo test > asdf
>type asdf
test
>type "asdf. . . ... .. . . ."
test
Reading doesn't seem to work with Windows Subsystem for Linux (Windows 10)
though :(
$ cat asdf
test
$ cat "asdf
Hi Francisco,
Unfortunately your disclosure is factually wrong.
Please note that even the packet you are citing says "Host:
translate.googleusercontent.com" - this is not the same domain as
translate.google.es (or translate.google.com), therefore, due to the
JavaScript same-origin policy (
https:
Correct me if I'm wrong, but the vulnerability can be summarized as: if you
run an untrusted .exe you might execute malicious code?
I hardly see this as giving anything new to the attacker who can just
create a malicious exe file, set the winrar sfx icon and send it to the
victim.
Keep in mind th
Hi,
Quick question with regards to your disclosure - why are you attributing
the ownership/authorship of HTTP Live Headers to Google? The website you
linked seems to clearly says it's developed by eSolutions Nordic AB
("offered by https://www.esolutions.se";).
Also, if you found a vulnerability i
>
> We call it "Misfortune Cookie" over the affected vulnerable HTTP cookie
> parsing module, but MITRE insists on CVE-2014-9222
>
To be honest I'm getting rather annoyed by how Check Point is (mis)handling
this vulnerability. I mean, there is already a "cool marketing name", there
is a website de
ongratz on finding the bug :)
(BTW not sure why did you bring UAC into the discussion - did I miss
something? or was it just an argument you've heard before and wanted
to reply to it preventively?)
Cheers!
On Fri, Jul 25, 2014 at 2:50 PM, Stefan Kanthak wrote:
> Gynvael Coldwind wrot
Well it was discussed a couple of times recently on FD that this is a bug,
but it's not a privilege escalation.
If you are admin (and you did mention that it's a prerequisite) you can
execute code as other users anyway - so there's no *escalation* here.
Therefore it's not a security bug (unless yo
Well spotted.
That said, don't you have to be an admin to be able to create files in
these directories anyway?
So this is only exploitable on FAT, or by admin, or if the ACLs are
set incorrectly right?
--
Gynvael Coldwind
___
Sent through the
10 matches
Mail list logo