Exploit the possiblities
Showing 1 - 25 of 573 RSS Feed

Files

AeroMail 2.80 Cross Site Request Forgery / Cross Site Scripting
Posted Jun 30, 2011
Authored by Justin C. Klein Keane

AeroMail version 2.80 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
MD5 | cbb8d39fcd1ea68df778bb29857776bc
Zero Day Initiative Advisory 11-231
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a Matrix structure within a particular opcode embedded within a .pict file. When using this Matrix structure to transform image data, the application will miscalculate an index to represent a row of an object. This will cause the application to write outside the bounds of the array of objects which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3790
MD5 | c43306f7850b58eb82ccaa1650b655ec
Ubuntu Security Notice USN-1149-2
Posted Jun 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1149-2 - USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2374, CVE-2011-2376
MD5 | 2e047736b2cf396f147b26133eb4ead7
Zero Day Initiative Advisory 11-230
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-230 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles Apple Lossless Audio Codec streams. While parsing the sample description for the 'alac' codec an integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When Quicktime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0211
MD5 | 7537317f117f9f69067382ff0b758632
Zero Day Initiative Advisory 11-229
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-229 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specially formatted RIFF WAV file. When parsing a fmt chunk within the file, the application will use a 32-bit field to calculate the size of a buffer to allocate. Before the allocation, the application will add 0x14 bytes to the result. Due to restrictions imposed on the implementation of this component by the language and it's platform, an integer overflow can be made to occur. This can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2011-0209
MD5 | fc673982aff7f944a871fb2ccd1e8d90
Debian Security Advisory 2266-1
Posted Jun 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-1 - Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202
MD5 | b2e43d17e42a67932628eb0ec6270779
SmallFTPd 1.0.3-fix Denial Of Service
Posted Jun 30, 2011
Authored by Myo Soe

SmallFTPd versions 1.0.3-fix and below suffer from a denial of service vulnerability.

tags | advisory, denial of service
MD5 | ee707912aedc27840fc0c56bd0b13f23
Zero Day Initiative Advisory 11-228
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-228 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on Windows and multiple applications on OSX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ColorSync component which is used when handling image files containing embedded ICC data. When handling the ncl2 tag the process miscalculates an integer value used in a memory allocation. This buffer is later used as a destination when copying user controlled data. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running the application.

tags | advisory, remote, arbitrary
systems | windows, apple
advisories | CVE-2011-0200
MD5 | 6d41ee6d1fa981fef6b659451d62befc
Secunia Security Advisory 45124
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | 47c97fba7783bf4e41982f10884f341b
Secunia Security Advisory 45062
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for php5. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | 6171a5734473e129f51c134f60c0486e
Secunia Security Advisory 45122
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | b3ec0956fdcfdd4efde03f49ac8cbe0c
Secunia Security Advisory 45116
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | f24aa3c78b9b98b7892bafe47c1706bc
Secunia Security Advisory 45106
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal and IBM Lotus Web Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
MD5 | dcda23af82c2d8ba5f7af249e2a5c2e1
Secunia Security Advisory 45083
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Newsletter Subscriber plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 7ef47af956c613ec4646150ba7dd5af1
Secunia Security Advisory 44998
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brendan Coles has reported multiple vulnerabilities in Cachelogic Expired Domains Script, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 80a2350e4f04000b736b77f081caf259
Secunia Security Advisory 45086
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 6f8c09d0f101439af054c52d0f100d31
Secunia Security Advisory 45099
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 2dbce1f4cadb98741b2509c0007b4177
Secunia Security Advisory 45034
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data.

tags | advisory
MD5 | 389c143b509a860c61f5f11e0d931d43
Secunia Security Advisory 45081
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | e5ac01fd951e7210a12749e6cfa112bd
Apple Security Advisory 2011-06-28
Posted Jun 29, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-06-28-1 - Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26.

tags | advisory, java, web, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873
MD5 | 06451743e7bba659d645d05af3734473
Secunia Security Advisory 44890
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in RSLinx, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | ad31967bc7be57fbcd3c1d038d0524bc
Secunia Security Advisory 45108
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ALZip, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | ba9d5fe6be08feff0e841223238348c6
Secunia Security Advisory 45102
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in FlatPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | a918acbc7001793ecc46daf7436682d7
Secunia Security Advisory 45097
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 20d5e0f09d01af09c4b6ce60f8216c02
Secunia Security Advisory 45095
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for Xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, suse
MD5 | d4cd7aec083fdaafa4d045e6d36dd771
Page 1 of 23
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close