NULL FTP Server version 1.1.0.7 suffers from a SITE parameter command injection vulnerability.
1220731bf2a3fe71b2edbc3ce418e4000dde3fbbe7e1f74bdc460f8757dc7773Multiple exploitable buffer overflow vulnerabilities were found within the file attachment viewer in IBM Lotus Notes. The vulnerabilities can be exploited to execute arbitrary code by tricking the user to view a malicious DOC, SAM, WPD, or MIF file attachment using the file attachment viewer in Lotus Notes.
890157468a36afba607e7e752659d2e88a1469381478ce7e639aee37185addbcAdobe Pagemaker versions 7.0.1 and 7.0.2 suffer from a buffer overflow vulnerability when handling long font names. Links to full advisory are provided however the author has removed the exploits related to the vulnerability.
4d649063f056168db14f9bd0375f8e3ad886dc0ae43795c2a6b08c1fe0359a45ESTsoft ALPass version 2.7 suffers from an arbitrary code execution vulnerability when importing a specially crafted DB file.
3d5ae490155ac68d0915c131e84daf0b821b62fb6bcbacf8f68c10b82d9593b7The yEnc32 Decoder version 1.0.7.207 suffers from a long filename buffer overflow vulnerability.
fd2f5f609a413073350206036e2b74dbbe63a7d1860e4bd7a03621009e4a808dA vulnerability has been found in PowerArchiver version 9.64.02. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ISO file.
da5e65cc8102776bac81f3a6ae4e44c4ea8af05fbe201f50c1c1538e357739c3A vulnerability has been found in iso_wincmd Total Commander Plugin. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ISO file. iso_wincmd version 1.7.3.3 (1.7.3 Beta 3) and version 1.6.10 have this vulnerability.
eea03011e2fd105c70b3f2997e5e0eab8234ea3a2525b4a52995ac75e09dcafeTwo vulnerabilities have been found in CruiseWorks. When exploited, the vulnerabilities allow an authenticated user to retrieve arbitrary files accessible to the web server process and to execute arbitrary code with privileges of the IIS IUSR_MACHINE account.
6ded8d2684f90a3812fd49e9f82867b5dc550992e640d71d72193a57d9bafc44Some SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged on user, the vulnerabilities allow for manipulation of SQL statements which can lead to disclosure of information from the database, or to cause the backend MySQL database to consume large amount of CPU resources.
94932244918f86ec9cbc3c1de3392a30b3dd4dfd9954868db3b6c5152b81423eA vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.
f3ebb6efe8e8068de884bcd59e82c23a1e7ac1c7641cae14b0c9c9927cc4bb0cA vulnerability has been found in Cool Messenger Office/School Server. When exploited, the vulnerability allows any people to logon to the messenger server as any user without requiring knowledge of any passwords.
9fd837b7913663fe4e67231c162238ff62e76ec61010aa9b3dfd5b23060068e2A vulnerability has been found in PowerZip version 7.06 build 3895. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ZIP archive.
1095a9a0d27e136c86405542df69e9e2eb4624755051ce1675b03404e3fd3bb2LHAPlus version 1.52 suffers from a buffer overflow vulnerability.
b1b5d6fe35b827ddc39b6a46190e8a09fed246c2f7a88badeb89caad29dbe617Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.
e93adff3a8f625d54d58dc9486926383f88de6f10f23d5b6f9a008feef926f49An arbitrary code execution vulnerability exists in PowerArchiver version 9.62.03.
be1c7f5acea357664b1372470353015f39b13264a61266b84630702156f1c79cA vulnerability has been found in PowerArchiver version 9.62.03 that allows for arbitrary code execution.
5be398cc76407912583ce04d6d10e64b66f05d6b129c7068c34e6a5947ce19f0A vulnerability has been found in AGEphone versions 1.24 and 1.38.1 that allows for arbitrary code execution.
8f76c6205b8597e13c8c77f5fd93bf27e2587fa1af93d650aac528e988192a08A vulnerability has been found in TurboZIP 6.0 that allows for arbitrary code execution.
463aafbe89aa1791e81c25bf9e6eceb69d145d3722f0a4e9e8d10d48e177b311Some vulnerabilities have been found in DynaZip DZIP32.DLL/DZIPS32.DLL that allow for arbitrary code execution. DynaZip Max version 5.0.0.7 and DynaZip Max Secure version 6.0.0.4 are affected.
50aa225d27ea00eec762bd08537c3f1eb0108a7dee8512410379c0163bcb6564Secunia Research has discovered two vulnerabilities in IceWarp Web Mail, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and compromise a vulnerable system. Merak Mail Server version 8.3.8.r with IceWarp Web Mail 5.6.0 is affected.
ea34c0a33de7ac0c8a3533381aaf94e7d5a0210039b64aa97bdbafdab97a3e5dSecunia Research has discovered two vulnerabilities in Visnetic Mail Server, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Visnetic Mail Server version 8.3.5 is affected.
d2398297f500288373c0f6859e9be8e326afb0527008903d4c171dd3f33601b2Secunia Research has discovered a vulnerability in PicoZip version 4.01, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "zipinfo.dll" info tip shell extension when reading a ACE, RAR, or ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when the user moves the mouse cursor over a malicious archive either in Windows Explorer or from any program that uses the file-open dialog box. Successful exploitation allows arbitrary code execution.
d020df17118c2708ed7b20a03b95d908f801e7b21c0521b16b3d114542da5705Secunia Research has discovered a vulnerability in CAM UnZip versions 4.0 and 4.3, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious ZIP archive containing a file with an overly long filename is opened.
15e13f5a99e65b3adbc306a4ea2fa32d802e0121972b3078e9f2fecd56fb97b1Secunia Research has discovered a vulnerability in Abakt, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious ZIP archive containing a file with an overly long filename is opened. Versions 0.9.2 and 0.9.3-beta1 are affected.
67471673445159616ecc2805692c08221a6e6eceb4b399e199f2b6db8e227996Secunia Research has discovered a vulnerability in TZipBuilder version 1.79.03.01, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a specially crafted ZIP archive is opened. Successful exploitation allows execution of arbitrary code with the privileges of an application that uses the library.
d82a5e72087c2ff64ade5023af3e50aef3b2192651f8f09e5fb8213dcdd4bc82
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed