Chrome version 121 suffers from a javascript fork malloc vulnerability that indicates memory corruption upon crash.
c5fe58fff9338fa2b857b94610a42def7f40d9f7d58140b30fcf25e66b5a7686Firefox version 121 and Chrome version 120 may both suffer from a minor denial of service issue with file downloads.
87fff58ac306829b938551eaffd6ed12db00ff7e56118bf0e6a8e7d7cf6ed267cpio version 2.13 suffers from a privilege escalation vulnerability via setuid files in a cpio archive.
e4948bd6237737a1ce41d6d861ca14bf4316c0d417e7e9b48c670388f66f760aFirefox version 117 suffers from a file creation denial of service vulnerability.
0d270254e544e127717e08d6202c874bd08cb13e7feeb36cff908777b6a11ecaGNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges.
ac80117ac673973985c2dd78f43ddd88009c6d2d28c771696ceaab5aceb3f410The documentation for the python CGI module suffers from a cross site scripting vulnerability.
12070a3cded8397a9c1036c6ffa17c97d5ef5a584b91e3216867995ff23654e8Sagemath version 9.0 suffers from overflow and denial of service vulnerabilities.
cd33738d86983c0d334c06354102833ee1f1e36d4ad569b092958d9f143920dapari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.
ffffda78c0913f524e10b48ae7dd7f2a88fb017e7d948c4b48b4348c11a63e02PunBB with SQLite appears to store its database within the webroot, allowing it to be retrieved by attackers.
69a176611a21eebbc0aee350ecc71ddb18f3ad9ba64256f148c25a06a3685d57Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.
bcf3762c17722ccbd9badf01735132e76fff0d22715bdb3bc81c0734638e143fPOC for a possible integer overflow bug in konqueror 3.5-latest.
00263bb5a228545e88b8e05dee01534319248a7271970aec28977e1612e8fbe9Various flaws exist with qmail on 64 bit platforms. Exploits provided.
e78a21634f16badb4dc5b430ee69e8aaf02b0f216e92396bb8d94d3c093ddf2dAn integer overflow flaw exists in sys_epoll_wait in the Linux kernel 2.6 series in versions equal to or below 2.6.11. Sample exploitation provided.
d083ba6efdf8af859e7ea6c1a4962bccf506a55a0eb627d60abf4685586d6b1aLinux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.
64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8bGeorgi Guninski security advisory #71 - By opening html in IE it is possible to read at least well formed xml from arbitrary servers. The info then may be transmitted.
e156bc37f51fe57421af3618c35923d4d1555d62766229c4eb0d0edca13f7471Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.
0a6ca10ffc4a3ba1127a2e7aff306ae4251a2daf157abd425b6d345403f1729dThere is denial of service in Apache httpd 2.0.49. It is possible to consume arbitrary amount of memory. On 64 bit systems with more than 4GB virtual memory this may lead to heap based buffer overflow whose exploitation is unclear at the moment.
a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0The version of mod_proxy shipped with Apache 1.3.31 and possibly earlier versions are susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.
4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).
9510c3cbe496d79d6ba299e4a9cfefccde6cd32836986fc9c388bc98a38277d8Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.
353e702b40c92a2c6f894d544e776cf46bb65be439d7576759dac932b6645004Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global, it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.
10dae39fc506d25c870163518f0077627ecaf939966caa0aad04678186ced065OpenBSD v3.3 and below local root and v3.4 local denial of service exploit which uses a kernel based stack overflow vulnerability in ICBS. Patch available for v3.3 here. Also works against OpenBSD v2.x.
02d1b6e6fd805a42150e80b21f685c51c4db5a62cb4d1d9e22b42e2992724a5cGeorgi Guninski Security Advisory #56, 2002 - It is possible to inject user supplied input to file descriptors 0 through 2, which in some cases (for example if the user is permitted to do su) leads to local root compromise. Includes C code which checks if your system is vulnerable.
5f384a32d95069e2a59cd9ac291811139c17cd24f6fb6bf2e1c41c048807c9f3AIX shellcode that does an execve() of /bin/sh.
b148fe51945518e8a42791b283e7d596af3c65b818e4827df4c53d3d8dd094dbGeorgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names and their content may be specified to some extent at which is sufficient to place an executable file (.hta) in user's startup directory which may lead to taking full control over user's computer.
3f49c6b96bb45bdcb1c169996f326348feabd1e79660329b74273529af5b2f1f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed