OllyDbg version 1.10 suffers from a denial of service condition when seeing certain special bytes.
f538d17c5d770dce03b70daa622a7f21db59dd5c1b225ea9cb13d71ee7f8ef93MSN Shadow is a forensics tool to analyze the MSN protocol. It has features such as: text sniffing, video sniffing, spoofing messages, hijacking sessions, shutdown users, save text sniffed in HTML format, save video sniffed in AVI format.
3fbfe9ab9516006f29f16fa21536c097c3cce768db8ca4623f036940ab806be1phpPgAdmin versions 3.5 through 4.1.1 suffer from a cross site scripting vulnerability.
334636e8778c537c3d118de55e527517fd58cbc68e558f0146f81176e313ef1eRMForum suffers from a direct database download vulnerability.
52c923120065b9eae484710a8877048c9709a82f3e89059d8eedd4023be6d204Gentoo Linux Security Advisory GLSA 200705-20 - Chris Evans has discovered multiple buffer overflows in the Sun JDK and the Sun JRE possibly related to various AWT and font layout functions. Tom Hawtin has discovered an unspecified vulnerability in the Sun JDK and the Sun JRE relating to unintended applet data access. He has also discovered multiple other unspecified vulnerabilities in the Sun JDK and the Sun JRE allowing unintended Java applet or application resource acquisition. Additionally, a memory corruption error has been found in the handling of GIF images with zero width field blocks. Versions less than 1.4.2.03-r14 are affected.
8fdfae7708b71e8cc23b83550f7aac157241039b468621fde7436a4f1c783facGentoo Linux Security Advisory GLSA 200705-19 - Several vulnerabilities were found in PHP, most of them during the Month Of PHP Bugs (MOPB) by Stefan Esser. The most severe of these vulnerabilities are integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function. Ilia Alshanetsky also reported a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions, and Stanislav Malyshev discovered another buffer overflow in the bundled XMLRPC library. Additionally, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Finally, there exist implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements. Versions less than 5.2.2 are affected.
85b7223b6bfd70f54588716713c6a4f7ef1cdaf921d40a164c836fe16bbb3b6fZindizayn Okul Web Sistemi version 1.0 suffers from a SQL injection vulnerability allowing for login bypass.
c0e5c2deff0fb18411735238076560487b30368d89582801d0224ef66a651e88Ubuntu Security Notice 465-1 - Luigi Auriemma discovered multiple flaws in pulseaudio's network processing code. If an unauthenticated attacker sent specially crafted requests to the pulseaudio daemon, it would crash, resulting in a denial of service.
b4194e057152d91f6fa8d49428781929d5d5a12dd01e4501754b1a10f17dd788Eudora version 7.1.0.9 (IMAP FLAGS) remote SEH overwrite exploit that executes calc.exe.
c484749017d563fcc11f7881719d8778f52e3cf736979fc61598546693928422EDraw Office Viewer component unsafe method exploit that wipes system.ini.
a73aa0e36e2378dd23c8216334b948362cb4eb7160fc6a1bea69423ca839a8b2Zenturi ProgramChecker ActiveX arbitrary file download/overwrite exploit.
1691cebdd5af693f1f3c50c7520dc2b0ccf3d00f2412958c6d8ae778585e2c15Apache version 2.0.58 mod_rewrite remote overflow exploit for win32. Binds a shell to port 4445.
f8d367428261509f9e8e651cc83d34c6b4a4a86c15f633d671023a26ad41b8ddInternet Explorer 6 / Ademco, co., ltd. ATNBaseLoad100 module remote buffer overflow exploit.
cc172dca81fb7d641e2ef31d86eca200033d53f260d74a5994cc178ce9925bf3webCMS version 1.00 suffers from a direct database download vulnerability.
810af9d3e0ce0430aa9c64d00723938af8fb9fb0ad96db6c7fc1974b95609d50iDefense Security Advisory 05.25.07 - Remote exploitation of multiple stack-based buffer overflows in Sun Microsystems Inc's Java System Web Proxy allows unauthenticated attackers to execute arbitrary code with superuser privileges. The problem specifically exists within the "sockd" daemon. This daemon implements SOCKS proxy support for the Web Proxy product. Attackers can cause a buffer overflow by manipulating certain bytes during protocol negotiation. iDefense has confirmed the existence of this vulnerability using version 4.0.3 of Sun Java Web Proxy Server. Lab tests were performed on an x86 RedHat enterprise Linux machine. Previous versions, including products released under the "Sun ONE" product line, are suspected to be vulnerable.
72294cd502e9972bae2c8981123cf64868977da03f4e00dd9aae3dbd828ec5ebOpenPKG Security Advisory - Multiple vulnerabilities in PHP versions 5.2.2 and below have been addressed.
de25ea5eaff6e286c1e16000b5dfce7c3dedab43e0b8b25a85fcd5852260b7f1rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it does not require the presence of RTCP packets (voipong needs them) that are not always transmitted from the recent VoIP clients.
256b6027883fa8b0d360d88a1624d81c72a15e08947d23e0f7d2f91439678b4fPligg version 9.5 is susceptible to a guessable confirmation code for password reset.
6a5c9c8df8272d2b5249a353b1d8ce0b89612a994e53e4f4926cabe84e513934Digirez version 3.4 suffers from cross site scripting vulnerabilities.
c1a32677cec4da50981c4187de0ffec6e745afd2006d208cdb77882c21d529de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed