Packet Storm new exploits for November, 2007.
a1a267d230c1babda05496342cfaab31710286937bcd59d3bbb2284a91d03cf6
bcoos versions 1.0.10 and below suffer from a SQL injection vulnerability in ratefile.php.
30caf2ed09c8464c212af883a2a3fa18bdaf22caae6e5dd15b02c9b312ce7a4b
A cross site scripting vulnerability has been discovered in Apache versions 2.2.x and 2.0.x using a malformed HTTP request with 413 error pages.
5e5ecae2dd8650f2334b76ce5c8c11c07a739563e20ab71119ce66af66f4b72c
The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.logon.php3.
e6afb0f9bfff9f0c6c26b41688b8501ab2e432569ffb54063058d40d923885b9
The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.activation.php3.
f93567dd019619dc99df7b77129c40ab79f517ee69a40dd6ed1e64a113c580e3
Ossigeno Suite CMS versions 2.2 and below suffer from remote file inclusion vulnerabilities.
cd3a5fd83140abce7c288c2c60a9cee0fb1afe1cda596e4ce6c9e0a8c6964c74
APC PDU products appear to be susceptible to a login bypass vulnerability.
cddc046fb1c3ecf8ec09e8c5618b1bb6d2591ae1445c8a726bdb5ac8f79ece9c
Apple Quicktime versions 7.2 and 7.3 RTSP response Content-Type header stack buffer overflow exploit for Mac-OSX and Microsoft Windows.
d154c6e12dd365a42668982a18f11a460123575bb7de81ca79d27b0ed0ca101e
FTP Admin version 0.1.0 suffers from bypass, local file inclusion, and cross site scripting vulnerabilities.
1859291e1795d3ac49baf5fb6e89514071d68e63fd16ad1c63999b6d2caab4aa
Seditio CMS versions 1.21 and below remote SQL injection exploit.
f53e7a30e46b0e8e26ae4f106fb3d029aef94db96279f4e6c65fcfad39c246c7
LearnLoop version 2.0beta7 suffers from a remote file disclosure vulnerability in file_download.php.
5e7f1ec0569d3e30501f00dcafd7c91c5c1c41d0f8f6ff09bc9967eb5f6dad26
KML Share version 1.1 suffers from a remote file disclosure vulnerability in region.php.
720db40fcf6a7157e2432fd002691514e5c617998bec7b087776d09352e62edf
WebED version 0.0.9 suffers from a remote file disclosure vulnerability in index.php.
150a0fc1508eba2f9756b47e06851150974ee8c1ab3841c751e7a4d7a618c1ef
Web-MeetMe version 3.0.3 suffers from a remote file disclosure vulnerability in play.php.
9f961294fefd8f6e0c68621a00f214a3e85507c1cd59fd2682db653e46496a93
Windows Media Player AIFF divide by zero exception denial of service proof of concept exploit.
453f2cfb6509e25e10dc2a2fef0ec098e68aaefe9e4056477cdbe80676f49d1d
bcoos versions 1.0.10 and below suffer from cross site scripting and SQL injection vulnerabilities.
805c22ff1c53330806b6d13752a311149728862efa15a2649a989073efb5d81a
Charrays CMS version 0.9.3 suffers from multiple remote file inclusion vulnerabilities.
8522fe34fb8b4ff4ea5a2c953b5e27c61491112bda7fac788bba0eeeaa2ae043
EHCP versions 0.22.8 and below suffer from multiple remote file inclusion vulnerabilities.
83fab2b77c909841eeea18b645cca3c219a8cf5b1727a7f2f54b050550cb4edc
PHP-CON version 1.3 suffers from a remote file inclusion vulnerability in include.php.
fbe1de639ebef1bd488e62fcc8faef2f0ddcc877ca7285e2d3b45a221ea65685
p.mapper version 3.2.0 suffers from a remote file inclusion vulnerability.
a74a7edf3ff0355f846c09e4ed08f06ea90e970c93c28091d947bb3e47b41811
Liferay Enterprise Portal version 4.3.1 suffers from cross site scripting vulnerabilities.
986158a74be87e3ba5f50ed3a1b3c2e834d1089cb1e5ba2389926537b234b0b8
PHPkit version 1.6.1 suffers from a remote file inclusion vulnerability.
673400a894bf744378440e29d2c810971d88724b774f606c4b331a80034588b7
Apple QuickTime RTSP response Content-type remote stack rewrite exploit for Internet Explorer 6/7.
75effbe555ebb351d97e13ff00995fd0384358d3d075db5ed1c1f8243cc48cf2
BitDefender Online Scanner 8 ActiveX heap overflow exploit that makes use of OScan8.ocx and OScan81.ocx.
52a89951da1b8dce895efdff343cadc997c9adc65847c7240880f462c7d3a10c
wpQuiz version 2.7 suffers from multiple remote SQL injection vulnerabilities.
87f2006a205be4968f46e94562b9ef9473168736e200e163e036b59d3ec55692