FireEye FX, AX, NX, and EX products suffer from an analysis bypass vulnerability.
449aafd21ac2669413a7bfe12b72b0a0409a12dace2cd2b57d2a5622aa29d505Microsoft Internet Explorer 11 suffers from a MSHTML!CObjectElement use-after-free vulnerability.
e3a600a83bd36797b98db962833ac5481dc99968f9a214f43e970ffe3c05e463OpenSSH versions 6.9p1 and below suffer from PAM related authentication bypass and use-after-free vulnerabilities.
0b9cdda83d2bd4462b9476721a79b253f4d0d5a4f1b85d7710195b4178d9abf5Microsoft Internet Explorer 11 is prone to a use-after-free vulnerability in the MSHTML!CTreeNode::GetCascadedLang function. The following analysis was performed on Internet Explorer 11 on Windows 8.1 (x64). If an attacker succeeds in bypassing the Memory Protector and Isolated Heap protection mechanisms this vulnerability allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
1ab54ed16c416f2c380415334ef8a0ac58296c12aa60e0f295c012e60b25b90fThis whitepaper discusses exploitation of CVE-2014-4113 on Windows 8.1.
347b65c62cf9b21ce7a51217f70945df6a72439a4ef09808f6143d9103ce6fc4Polycom systems suffer from a format string vulnerability when creating a CDR entry. Polycom HDX series versions prior to 3.1.1.2 are affected.
8998433b0bea32dde00acd6d3311c61443b062424f5faeac20c6cdfee2adbe3bA simple H.323 SETUP packet can be used to commit a remote SQL injection attack against Polycom systems. Polycom HDX series versions prior to 3.1.1.2 are affected.
c8ef16e32d79b56646936f40819360d5231808c030efb457b8afed16f3c94923The firmware update functionality in the Polycom web interface is vulnerable to a simple command injection vulnerability which allows an attacker with access to the web interface to execute arbitrary commands on the underlying embedded Linux system. Polycom HDX series versions prior to 3.1.1.2 are affected.
eaeed66e6e35211d5de8494085612d6cabc696df21d84244931e4cb825cb4492The Polycom Command Shell can be used to view and also change several settings of the system. However it can also be used to get system-level access (i.e. root access) to the HDX system. The "printenv" and "setenv" commands can be used to read and write variables respectively which are stored in flash memory. Polycom HDX series versions prior to 3.1.1.2 are affected.
162aad6a25e60bab68f51ec49f90cbda2650407c9f0ac15d752cc71dba4606beThis Metasploit modules exploits a command injection vulnerability in the URL handler for for the IBM Lotus Notes Client <= 8.5.3. The registered handler can be abused with an specially crafted notes:// URL to execute arbitrary commands with also arbitrary arguments. This Metasploit module has been tested successfully on Windows XP SP3 with IE8, Google Chrome 23.0.1271.97 m and IBM Lotus Notes Client 8.5.2.
7a3b0f8cdedb3c1112e263b6a63066bb8c62253df93e1569505b5ae265a933a9A heap corruption vulnerability has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.
a967d2b7f8fefd73301e6eaf2dfb4c514e1473ca7edba87c15475fe6dc0abe7eA stack-based buffer overflow has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.
8c2aad516fccebdeefca7b40556e1cfb18e6b22108f839a744c124db43130d39A directory traversal vulnerability has been found in the PJL file system access interface of various HP LaserJet MFP devices. File system access through PJL is usually restricted to a specific part of the file system. Using a pathname such as 0:\..\..\..\ it is possible to get access to the complete file system of the device.
3046f35f738f91dd1414a725b79b838acb34d0bb5e416218ca7e0fbb11a194c5This Metasploit module exploits a feature in the Distribution Packages, which are used in the Apple Software Update mechanism. This feature allows for arbitrary command execution through JavaScript. This exploit provides the malicious update server. Requests must be redirected to this server by other means for this exploit to work.
31bbe100ffdd2f91eaedeff7614f1752ef8f6fb3e51341837b95b2b328745b19A remotely exploitable vulnerability has been found in the HTTP header parsing code of the CFNetwork framework.
3cd844ab4b16ffea30d4bf56950667b6ccf6b6b2a12354c933cb59ebebbbebe9ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the 'clamd' process by sending an email with a prepared attachment. Versions below 0.94.1 are affected.
6cc70ca47bd8e70a162e0b466166e4ae4e11b76c25c6b31b93bb29214c73de19Apple Mac OS X Software Update suffers from a remote command execution vulnerability. Full Metasploit module included.
1852939fa989f4ddf6144fb1874a746c14013a7706681e093ad78115be9ffd22OpenSSL versions before 0.9.7m and 0.9.8e suffer from an off-by-one buffer overflow in SSL_get_shared_ciphers().
14554756f6b961b55d3c66f67ef71356931c21b86d987c2959039bdbdf012665tcpdump versions 3.9.5 and below suffer from an off-by-one heap overflow in the ieee802.11 printer.
d25a3d728ab60232446e3ac7336e378fa1d08dcf088e60d62e4c19444d0f09aeMPlayer version 1.0rc1 suffers from a buffer overflow that can be exploited with a maliciously crafted video file.
f6b24ce436da9fc6ea70e8ee7f600461e195bedd2bab50ac218f4d119d59a662Remove vulnerability has been found in the SmartFTP-D Server which allows a remote user with an account to read any file on the system.
dc0c845f36c1df20329e24792344d24bc446161aac536e31bd3e8e9f4f21f5c7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed