SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.
bc4cc7bf63d53a27a1eb576d08fe29628ea8da32f5518c5c866e31065558a8a7IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.
7242df27de9624e0c0b57ed3ef055069c110005a841ad63815fe50406c581c74IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.
9fcbc5360bbab3d3d0d5f91e96ba944fd77fa77b62d50735a37991cb02aa1f1fgoogle-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.
8eaec32d7fdf5c15debcbc897ef52db1a3048d72036b4d43408cd00a1a64ebbfWhitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).
66c928dae742c5b1f66c19385575361b4ebbbe5aef56979b8945aa3f1562cf31A few weeks ago, DefenseCode announced the remote pre-auth root access exploit for Cisco Linksys. During further research, they have discovered that other router manufacturers are also vulnerable to the same vulnerability, since the vulnerable Broadcom UPnP stack is used across multiple router vendors. Rapid7 has produced some scary numbers surrounding how many routers are affected on the Internet.
973bb983a4d13f077857f0d5faee4a6aaf7969bdaa84af71296a5aabd7a67568A critical security vulnerability that allows a remote unauthenticated attacker to remotely execute arbitrary code under root privileges has been discovered in Broadcom's UPnP software.
a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8Safari 4.0.2 suffers from a local buffer overflow vulnerability related to the webkit parsing of floating point numbers.
d9f549ccc385b7d7b909f34d0c726cf7b9734986d0f5f78d922e54dec9773f79Memory corruption vulnerabilities have been discovered in NASA's Common Data Format. Versions 3.2.4 and below are affected.
d3bfdae0226b04f7084476e78657351396b5f9598a25fc61dc3d13c191fa4f96INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
f15fcb7c39b1de855c85925767b7a551daaddf85fabc42a30d0971f234fc959eA remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused due to a boundary error in the IMAP server, when processing overly long arguments of the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.
6caf1134a18b78d821475643125ddbaac4ab936cf127a25b6b9b7c01c6c4eaf2The SOPHOS ES1000 and ES4000 Email Security Appliances suffer from a cross site scripting vulnerability.
123b619e25aff04e8e4059347592ab523fc7b2fc5ae0e69d4e85093667da700dMcAfee E-Business Server versions 8.5.2 and below pre-authentication denial of service exploit.
9fdbf08d12eca23e24b5da2766dfaa3afb090a14d10501e4f61f1a490950b23dINFIGO IS Security Advisory #ADV-2008-01-06 - The McAfee E-Business Server versions 8.5.2 and below suffer from a pre-authentication code execution and denial of service vulnerability.
7129afa195fe0c40d1247cd6d401cf701a55ca378c31f5c79339a620eade8866During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.
7cfad04c205329f1f36fe4c6cad33a97921cb4da56226e103ba111b14bd847cdProof of concept remote exploit for the MDaemon POP3 preauth buffer overflow. MDaemon versions 8 and 9 are susceptible to this.
e36d9a6cd5875ac91dfbfc8be90a0ef092197e21924979c6115982c649be0d8bDuring an audit, a critical vulnerability has been discovered in the MDaemon POP3 server. There is a buffer overflow vulnerability in 'USER' and 'APOP' command processing part of the Altn MDaemon POP3 server. The vulnerability can be triggered with providing a long string to USER or APOP commands with '@' characters included in the string. In this case, MDaemon will incorectly process the string and a heap overflow will happen as a result. To trigger the vulnerability, a few USER commands have to be sent to the POP3 Server. Sometimes (depending on the heap state and string length), it is even possible to redirect code execution directly to the supplied input buffer on the heap. MDaemon versions 8 and 9 are confirmed vulnerable.
d5c9043c3a5da6e06fbb9448e0ee6aac59f636527f57112ed1d576f7218e753dINFIGO IS Security Advisory #ADV-2006-05-03 - New vulnerabilities have been discovered in ArgoSoft FTP server version 1.4.3.6, Golden FTP server version 2.70, FileZilla version 2.2.22, and WarFTP Daemon / Guild FTP server version 0.999.13.
f7e189f0655ec928de2b27d398b63004754ae6497a019f787feea012621c36f3Winamp is vulnerable to a buffer overflow vulnerability when processing ID3v2 tags of mp3 files. To exploit this vulnerability, a user has to add malformed mp3 file to the Winamp playlist, and play it. The vulnerability was tested on Winamp versions 5.03a, 5.09 and 5.091.
883ada7f9612a1df12849639513fc5cefa2acdd94f5c6810f9f84e4a64a6a23cLSS Security Advisory #LSS-2005-06-06 - Crob FTP server versions 3.6.1 and below suffer from various remote buffer overflows.
c87f455adf3a1de29ab1bbd59e257815a8b6261cf9e1c2be3b87a1d648f5b816LSS Security Advisory #LSS-2005-06-07 - Popper webmail is susceptible to a remote code inclusion bug in childwindow.inc.php that allows for remote command execution.
df5832afc053b6a437f0df4c9905733d31fb35594d529c89550ba0a5fb3cc1c2Exploit for the Ethereal IAPP dissector remote buffer overflow vulnerability. All versions that have support for the IAPP dissector are affected up to version 0.10.9.
526f33ba2f77710943103bc1d05b2c8a140887ea702b11aa53b942fa083849f1LSS Security Advisory #LSS-2005-03-05 - There is a buffer overflow vulnerability in the Ethereal IAPP dissector. All versions that have support for the IAPP dissector are affected up to version 0.10.9.
63b1cc3f3155d1879b4735aff3a5831a2bec847f7be9ce147c4a43a685e19f09Exploit for the Ethereal 3G-A11 dissector remote buffer overflow vulnerability. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.
5630433d3aa4230867dbe25c72e8a8b0ce98dc61d46e9b0142eb5e80726e7c18There is remote buffer overflow vulnerability in the Ethereal dissector for CDMA2000 A11 packets. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.
d279201e64f7d7ea4798aa76b9407af0207f59dbc661865a44c9f8a85e63ef5c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed