Title: Webmin CGI Command Injection Remote Code Execution Vulnerability
Published Date: Dec 20, 2024
Risk Index: 4.45 of 10 (Medium)
Summary: A critical vulnerability has been identified in the CGI request handling component of Webmin which allows remote attackers to execute arbitrary code. Authentication is required to exploit this vulnerability.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. The attacker can perform actions within the root context, potentially leading to full system compromise, data leaks, installation of malware, or creation of persistent backdoors.
Title: (0Day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
Published Date: Feb 08, 2011
Risk Index: 8.44 of 10 (High)
Summary: A critical vulnerability has been identified in the Remote Console component of IBM Lotus Domino. This vulnerability allows remote attackers to bypass authentication and execute arbitrary code. This issue occurs when a specific unsupported configuration involving UNC share pathnames is used.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data and execute arbitrary code on the affected system. The unauthorized access to the server can lead to further exploitation of stored data, manipulation of the server’s configuration, and potentially spreading malicious activities within the network. The ability to execute arbitrary code can also lead to complete control over the server, enabling attackers to carry out any harmful operations.
Title: (0Day) Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
Published Date: Feb 07, 2011
Risk Index: 8.05 of 10 (High)
Summary: A critical vulnerability has been identified in the Office Art component of Microsoft PowerPoint. This vulnerability, known as the “OfficeArt Atom Remote Code Execution Vulnerability,” affects multiple versions of PowerPoint, leading to the possibility of remote code execution and denial of service through memory corruption when handling invalid Office Art containers in PowerPoint documents.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. This could lead to various detrimental outcomes, such as data breaches, unauthorized access, system crashes, and potentially unauthorized control over the infected systems, as well as the propagation of malicious software.
Title: (0Day) Hewlett-Packard Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability
Published Date: Feb 07, 2011
Risk Index: 8.05 of 10 (High)
Summary: A critical vulnerability has been identified in the EXEC_CMD component of HP Data Protector, which allows remote attackers to execute arbitrary Perl code via a crafted command.
If exploited, this vulnerability could allow an attacker to gain unauthorized control of the affected system. This could entail executing arbitrary commands or scripts, accessing or modifying sensitive data, and possibly disrupting service operations.