Secunia Security Advisory - Jordi Corrales has reported a vulnerability in CADSLR1, allowing malicious people to cause a Denial of Service.
eccc9211bdc15f5068d07448cb567d25b213c146062183c3352436b3ba9d6e3aDue to a vulnerability in the Sysinternals PsTools share mapping, an attacker with a user account can execute arbitrary code as an administrator.
afa2b3db99139b18f9779cb16ab7ebf5920c2aaf5e39becbcf6b41bd48024acfSecunia Security Advisory - Lostmon has reported a weakness in I-Cafe client, allowing malicious users to by disable the software.
80b75d5f1b4a5f89d1ee0cdc8fe71be78001681f051ca500c5b7314b6e886d0dSecunia Security Advisory - PunBB 1.x, Nucleus 3.x, and BLOG:CMS 3.x all suffer from a flaw where system access can be gained due to a lack of input validation.
457f046835019de8732a58b41bcae39662b69a04597c072414a80d8faa282e1eSCO Security Advisory - Multiple vulnerabilities have been found in the MMDF binaries included with SCO Openserver versions 5.0.6 and 5.0.7. These include buffer overflows, null dereferences, and core dumps.
f78bc63931e13a59fb61612fe42904a3de9bc9c717ed7cd53c2d6e79a6eb8a55IEXPLORE.EXE file version 6.0.2800.1106 and MSHTML.DLL file version 6.00.2800.1400 are both susceptible to cross site/zone scripting flaws.
adf292c1753dbb9a45642cd37fcc3a60abe2952a1004a4a51d48cb8e38659b95Secunia Security Advisory - PlaySMS SMS Gateway 0.x is susceptible to SQL and Command Injection vulnerabilities due to a lack of input validation.
1cc264e0e4b8a2944a006a41120b90825709572680c28c278ad9eba146e8bd73Sun Security Advisory - The Solaris Volume Manager (SVM) under Solaris 9 is susceptible to a local denial of service attack.
a8c6ebdaba6f938c0c8029a833bd13a7c8121c64368b4de0fc723ba27981be5aPHPBB version 2.0.x is susceptible to an HTTP response splitting vulnerability and also a cross site scripting flaw.
9bd2d0b59a945ad92ce18125125d0ac88e7d1a7638e8a47859f05b04619bb36aSecunia Security Advisory - Cengiz Aykanat has reported two vulnerabilities in eTrust Common Services, allowing malicious people to cause a Denial of Service.
2894708288caaaf6e3b2120fdc52945843409c7496057f455f34da77d567a6d7CuteNews version 1.3.x suffers from an HTML injection flaw in the commentary section.
1bed2be3a7e3553d352ea8e88aeacbb7a7dc51caa12eba604305e417a1450da1Outblaze email suffers from a cross site scripting flaw.
2e3fb75d7c154d7b6b50aaad88ab9ae8b9d1380f03794f14958361957ee8087cMedal of Honor games, such as Allied Assault version 1.11v9 and below, Breakthrough version 2.40b and below, and Spearhead version 2.15 and below, all suffer from buffer overflows server-side.
26138defb44c5ccd5bca6847f51453afed6f2ae54af0f0e5fde0b3aba6ceaf32A format string bug exists in the code that handle the Debugger Messages for OllyDbg version 1.10.
ea3b234c64fa58685fccf9e73ab76034b66c1ae43da07c0540c4599cf53cbb37Microsoft Internet Explorer gives too much trust to the location variant when it comes to method cache.
dfcc5befe5b4cbb0775285dc6081d07b23ee805c7630f7a4a7e2a864aef1038dmod_ssl 2.8.18 for Apache 1.3.31 suffers from a format string vulnerability.
6bc74708efb719f3dd166615a2295857ff80b86322f5e777eacbf97f0e3496e4PHPBB 2.0.8 is susceptible to full patch disclosure and cross site scripting vulnerabilities.
371b61e8aff45c61219490cd0843e2dbc477151643dbfbae0bf932f620e3e71bSecunia Security Advisory - Marcel Boesch has reported a vulnerability in Mozilla and Firefox, which can be exploited by malicious people to cause a denial of service. Versions affected: Mozilla 1.6, 1.7.x, and Firefox 0.x.
fba993b6d724a589100b57a880caeacb0e040dc3256bd64266d7c963296be1ceMicrosoft Hotmail is vulnerable to a cross site scripting attack.
fac53ad1625eb0829847db8b6e5be732ea19aec830faef6e35e5f8c2e301bde9Novell Bordermanager 3.x suffers from a flaw that allows for a denial of service attack due to an unspecified error within the VPN service IKE.NLM.
fdf68776d373f9e276efea50a7f8193b00e23d45d4937f43906a9384eadeee5bGattaca Server 2003 version 1.1.10.0 is susceptible to full path disclosure, cross site scripting, and multiple denial of service attacks.
a2081aacff40e09987d1fdd220f9e159cd210b6b03a5656b73841afd03dd340dA denial of service condition exists in the Microsoft SMS Client where a data packet that gets analyzed will cause the server to throw an exception while attempting to read or write an invalid memory address. Tested against: Microsoft Systems Management Server version 2.50.2726.0.
553f2e065d26c6b861b80533b5ce510271d41b91c5034a763c8d3895d8d62af4A remote code execution vulnerability exists in the Task Scheduler (mstask.dll) because of an unchecked buffer. Affected Software: Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1.
b178c0fb6e2cf5a365096e5e090fe21dc3fe55636e18842f57f2b7cdfc145164Microsoft Windows Task Scheduler is vulnerable to a stack-based buffer overflow. The flaw can be exploited by creating a specially-crafted .job file. This will most frequently be a local exploit, but it is possible to imagine some cases where this could be remotely exploited as well.
8a91f17d4a2fd2983c074e04a451428f0f826e5f1059013c4a6a38db1aee67e2PHP memory_limit remote vulnerability allows for remote code execution on PHP servers with activated memory_limit.
a2764c250202043b5e2fbcc945ecc7953565f046d5aa69d07e2cf18d05dc5ee3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed