Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a vulnerable object Windows will try to load one or more DLLs from the current working directory. If an attacker convinces the victim to open a specially crafted (Office) document from a directory also containing the attacker's DLL file, it is possible to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system.
54a85ca989c4eaff178f934a3bf1f889b5563dba98e78c59197f8309e65b7406MyBB version 1.8.6 suffers from multiple cross site scripting vulnerabilities.
09a5d3981d355ec0a29e90ee57d1093fb1ebc1eb4d6c9e3e9940a391386d94b3A specially crafted HTTP response can cause the CHttpHeaderParser::ParseStatusLine method in WININET to read data beyond the end of a buffer. The size of the read can be controlled through the HTTP response. An attacker that is able to get any application that uses WININET to make a request to a server under his/her control may be able to disclose information stored after this memory block. This includes Microsoft Internet Explorer.
94c41624ff0f1959d2d6ec3ad4d68a44468068d2211d86e587904cea67366cf44images versions 1.7.13 and below suffer from a remote SQL injection vulnerability.
74de1ddc3bddc388cd27bca15944047be987925a71644ccbc0bf1a487955531bExponent CMS version 2.4.0 suffers from a remote blind SQL injection vulnerability.
efb6f348b4c97ed885446cc19619c0d5dcfbb991b1688207a51826ebad74cb58Microsoft Internet Explorer versions 9, 10, and 11 suffer from an MSHTML PROPERTYDESC::HandleStyleComponentProperty out-of-bounds read.
69867369c8cff2f756daea66abcef97b67f77b7116041fb4cfb63a932b7b4769Nero version 7.10.1.0 suffers from an unquoted service path privilege escalation vulnerability.
bad453dd996e32dcdd658e911ef7091ccb817266a006aad8aa09bc2e7fc877b3e107 CMS version 2.1.2 suffers from a privilege escalation vulnerability.
73baba47c53c160ce7de24af40be1871e0c32ae23b42c9e50a5f1ec9f610bac5A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able to disclose information stored after this memory block. This includes all versions of Microsoft Internet Explorer.
de2a5025554f64ba3382cd282b48b1d88c6ba27472d9213565816e814c3c7bdbPCMan FTP server version 2.0.7 LIST command buffer overflow exploit.
ee8c05f9d31c111b08f65c859a19a515350d52b94b05b48a00dae728d3c59400Droid4XService (Droid4XService.exe) installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
0a067f88b1ac621e2bddaaff892ce2e233e835a6b70cfc46bd1bb9a8eac8c45aVerint Impact 360 version 11.1 suffers from an open redirection vulnerability.
90b86698e84b565bf822062eee3cb8a8a648d26b748b7e8d05a0febd3793bd37Samsung Software Update Service, SWUpdateService (SWMAgent.exe), installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
fa631c32f50f71cbeace4cb98fbe8c2fe5df271cc347f3d1d9bc08165cc55e61Adobe Connect and Desktop version 9.5.7 suffers from malicious script insertion vulnerabilities.
5d4defe17959d7dd2a5ced15d3b2e58a4576fed73b0d6f23e36ec599cada1d18Avira Antivirus versions 15.0.21.86 and below suffer from a command execution vulnerability.
78a59e0dd369a5bd39deaf1ea862d4e542548155f19cd30868dfaf06d9060e7dPCMan FTP server version 2.0.7 HELP command buffer overflow exploit.
1e931abe04a9035467fbd7383b1872edad0a0e560491380e1dd821c7353c4038D-Link ADSL router DSL-2750E with firmware version SEA_1.07 suffers from a file disclosure vulnerability.
5b3e48e6c154c065a6f5f66894e16cc4b75f24024861e7e8a923afaa15523de3NETGEAR ADSL router JNR2010 with firmware version 1.0.0.20 suffers from a file disclosure vulnerability.
89351c58412f573eab1041e77b42d338f8587baa062a618e9c0694a4fe1e544fWordPress 404 to 301 plugin version 2.2.8 suffers from a persistent cross site scripting vulnerability.
caf5fe4e82197491c2d860c9c6183c6cfbe9f3b073eb49cb2472f0de886a1e21NETGEAR ADSL router JNR1010 with firmware version 1.0.0.32 suffers from a file disclosure vulnerability.
2ab7d96798cb9335ad7bbafd60afd681b9e8ae3434614fef0cc6588d36f0c876NETGEAR ADSL router WNR612v3 with firmware version 1.0.0.9 suffers from a file disclosure vulnerability.
83b45b90accee293fef2e2738d7d071e7d33c5436060f03cbbe988b3a89366ebD-Link ADSL router DSL-2750U with firmware version IN_1.08 suffers from a file disclosure vulnerability.
782cca1a45e485462231cc414ff4e53635082360738f17a7ed29bd4d2cc96066WordPress Calendar plugin version 1.3.7 suffers from a cross site scripting vulnerability.
ea052d53851c7851e99b09704105a6c6efd2ea912fa3031b5a38723b58c17e60OpenGB version 1.2.3 suffers from a cross site scripting vulnerability.
f6310c6342bbd12490a1dae8f1fe7e75a53b1b536cfba1a4d9e2b735941c451cThe tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
a6ca122006a1200c7bde861b8e42d7ff62e7411987a0ab39b2b75bf23a794a1a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed