Google AOSP email application versions up to 7.0 suffer from an html injection vulnerability.
997b4ab75d2a1bd77ad1ed1e393d5be70361f9a6bcb2b694bbf2ee14017f4233Free WMA MP3 Converter version 1.8 suffers from a buffer overflow vulnerability.
405e1a5c47ed2d7f68d824586599986b2c40de899c0466366ebf697fa61505deMurgent CMS from 2015Q4 suffers from a remote SQL injection vulnerability.
3d3c1ae69315f62677ef5cb67d8cd395a1393075c74dfc1d329ba7fc8f456883LineNity WP premium theme suffers from a local file inclusion vulnerability.
aedb3c213591ef0023a5bac52d0988f5003d14829fbb8554821e52c538078db3Ebay Magento suffered from multiple cross site request forgery vulnerabilities.
9100b8e6174a98fe814cca49771a623e8ed97ea3ca97aba563a8cdfb93846e04Ebay Magento Commerce suffered from a cross site scripting vulnerability.
d053d31a2e30a77f10b17da4ec3786d918f2e3f72ec4c69bda9bb8bedc20b230Lan Scan HD version 1.20 suffers from a command injection vulnerability.
a6f4b3a9396e8402950f0d05045b64e5fa21dea5031ee2933070b42412e31732Port Scan version 2.0 suffers from a command injection vulnerability.
e0354f5b75c9099132633c4b052838d46b8bbee6c82c53020df95d4ea18525b4PHP Address Book version 8.2.5.2 suffers from a remote SQL injection vulnerability.
74ce6b4fbc3365f91ad208910228a3874d6c832b0bfb7575b3a009ca64d52058zTree version 3.5.19.1 suffers from a cross site scripting vulnerability.
74c4694fccb338eef0b0a66ddd1bd35451475c0c7f74ebe8ff6a29b02a59712fA number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed OS/2 table.
8fe968ce622cf9113f76404623b7e14a9b2abf8080a96adb4115cbf39cfdec56The Cisco FireSIGHT Management Center appliance suffers from a certificate validation vulnerability. FirePWNER exploit included. Versions affected include 5.2.x, 5.3.x, and 5.4.x.
3fc2f6862036f1dcec916cfa817e09ceabd99af239e63cb74877b949a1537809The attached testcase was found by fuzzing DEX files, and results in a heap overflow with a wild memcpy. Note that Kaspersky catch exceptions and continue execution, so running into unmapped pages doesn't terminate the process, this should make exploitation quite realistic.
6751e071bf8dd3497577b29fbf7d097aa98be4740d9f645d2afa24cded401776Adobe Reader X and XI for Windows suffer from an out-of-bounds read in CoolType.dll.
bc8c45d0bc029bbfe2dcb8a7c8653db43d3be01d2877e59509fb180abdbeb922On Windows 8.1 Update 32/64 bit, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then does a comparison between the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token so it's possible to get an identify token on your thread from a local system process and bypass this check.
72088e382599651c32cb9cdc5567e22509289abb4b5d97381967f2aafa755155TECO JN5 L510-DriveLink version 1.482 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.
0a17862b17b3d467c4d8f98421a8360fdbcb7dc4e4083cf422ec3cebfc1dcc18TECO AP-PCLINK version 1.094 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
05a9e596617eb5f861cd0aa93ea5277f10981c522596b213248bf09866d332c4TECO SG2 FBD Client version 3.51 suffers from a vulnerability that is caused due to a boundary error in the processing of a Genie FBD, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GFB file. Successful exploitation could allow execution of arbitrary code on the affected machine.
9e734f6542911311ba1c133e0986c8e5fe18cf3fbb2d5b7622a8b4a411038008networkd is the system daemon which implements the com.apple.networkd XPC service. It's unsandboxed but runs as its own user. com.apple.networkd is reachable from many sandboxes including the Safari WebProcess and ntpd (plus all those which allow system-network). networkd parses quite complicated XPC messages and there are many cases where xpc_dictionary_get_value and xpc_array_get_value are used without subsequent checking of the type of the returned value.
8f3b0d4e8a89ad64284b0b7f58567f82fed3eee85dac017382e0f65c2b11a7e5TECO TP3-PCLINK version 2.1 has a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
4778282fac2ab5abb25a2673b573310bfa0f672266d7d8e650fd6ed1fd4de623When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. The naming pattern for files is {CN}.cer and CN can be modified to perform path traversals.
ce9f7093bf60e3752e2176561753c43ff890d74e6e48bcae0af1b4f25757ad05A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed TrueType program.
aa2c793abdcbae42410e9648120375bbbf61f199aadac00919c7cae1a9e4ac95A use-after-free condition has been encountered in FreeType while fuzzing Type42 fonts. Version 2.5.3 is affected.
f0ddade4f563e81601505e4c49d519629a1f9cb5f6e95c61b4ed5f44b810a101Fuzzing the ZIP file format found multiple memory corruption issues, some of which are obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.
fc8862117299fd338cb8bbf77d3ccb922e26861f2ef48f8fe569ea1fedea5e5bTECO SG2 LAD Client version 3.51 suffers from a vulnerability that is caused due to a boundary error in the processing of a Genie LAD file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GEN file. Successful exploitation could allow execution of arbitrary code on the affected machine.
99d9948e7ad21ed7716d95d01d9ecd153145a8d5a83a9616f7e4db8d5d28f544
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed