ElasticPwn is a proof of concept exploit that demonstrates the directory traversal vulnerability in versions prior to 1.5.2 and 1.4.5.
b8dc5f1df82809852d6a77c351c7f2eb981f60244033ee5ab50a39260d9b0d1aAll Elasticsearch versions prior to 1.5.2 and 1.4.5 are vulnerable to a directory traversal attack that allows an attacker to retrieve files from the server running Elasticsearch.
e14bc9f35bf13a67b98981ea4b74e9432b3624b8a7bccf2d1aad94a07d646feeWade Alcorn and John Heasman of NGSSoftware have discovered a stack overflow vulnerability in Castle Rock Computing SNMPc Network Manager. Versions 7.1 and below are affected.
44f1205ae4dc7f2841bac78a799e87ca996df01f25e2116bf1a2a9de5b97fa5dNGSSoftware Insight Security Research Advisory - It is possible to cause the Java Virtual Machine to overwrite an arbitrary memory location with an arbitrary value (repeatedly and in a stable manner) when parsing a malformed TrueType font. JDK and JRE versions 5.0 Update 9 and below as well as SDK and JRE versions 1.4.2_14 and below are affected.
0f0ebea1254e1ec07669df846e6a69c1b0b5d28d5ec47a79fc20ee4ef9e02c1bNGSSoftware Insight Security Research Advisory - JDK and JRE versions 6 Update 1 and below, 5.0 Update 11 and below, and SDK and JRE versions 1.4.2_14 and below contain a vulnerability that allows an untrusted applet to violate the network access restrictions placed on it by the Java sandbox.
9a7c6871dff0c09ab04b8fb752675bf310bc954b330129c49fbe3633fb2bc29cAll versions of RealPlayer 10 and some builds of RealPlayer 10.5 suffer from a heap overflow in the ID3 tag parsing code.
46421bbdec94678eace2f1448aa87b7317888d18e61f1d242f583bc1db79e149NGSSoftware has discovered a high risk vulnerability in Sun Microsystem's Java Web Start that ships with the JRE and JDK on Windows platforms. The vulnerability affects Java Web Start in JDK and JRE 5.0 Update 11 and earlier versions and Java Web Start in SDK and JRE 1.4.2_13 and earlier versions.
18365c45e4d10cf127f912194570aa30696d54cc5d34635beed0f89e4620a0ddJohn Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute arbitrary code in the security context of their victim.
be4a33febe226d70a1f14570aa889aadb761814ecb40cb7d6d9614c7df6778d0A stack overflow affects all versions of OpenOffice prior to 2.2. The flaw exists in the handling of StarCalc documents within OpenOffice.
c06dc4d6cb7f25d0c27d7c5763173af7931fb5c54fce6b66c583a2a8e0cb583dBrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.
5e363b53e6622717f68088020395485bc3abf558e7989dfb9923e72982cf384eThree heap overflows have been discovered in OpenOffice versions below 2.1.0 and StarOffice 6, 7 and 8. If an attacker can coax a user into opening a specially crafted document then the attacker can execute arbitrary code in the security context of their victim.
0bc1c17478066157d522005ac5c33b04a9f2b3857860aeb56b9a06aedd499e60Whitepaper entitled "Implementing and Detecting a PCI Rootkit". This paper discusses means of persisting a rootkit on a PCI device containing a flashable expansion ROM.
260ded5cc1071aca1b4d5dfacad60c3e7469b9713f06b292531eeef70176c5cdNGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the Microsoft NetDDE service which can allow a remote attacker to execute arbitrary code on a system without authentication. This vulnerability can also be used by any low privileged local user to gain Local System privileges. Systems Affected: Microsoft Windows NT/2000/XP/2003 Server.
7fe7b3cd43a05089bc18d0500d8382f190e1c29289808a9a8cd64afe62566c0dNGSSoftware Insight Security Research Advisory - Two vulnerabilities have been discovered in RealPlayer which may potentially be leveraged to allow remote code execution, or may used in combination with the Real Metadata Package File Deletion vulnerability to reliably delete files from a users system. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.
5c0369393320c3bc4942c495e3418f09710027a42e9c22a5dd5a498b9a15bf83NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in RealPlayer which can allow an attacker to delete arbitrary files from a users system through a specially crafted webpage with little user interaction. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.
b462f3260253fe793321c8e2dfeaaaa00172ff31bc7e9284b32f1a9c98fb0224NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the RealPlayer ActiveX component which can allow remote code execution when visiting a specially crafted webpage or when opening a specially crafted skin file. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.
d332699dfef5d8bd70ed59b5f1cffff864fb02bf8b2f613b89ac2599be623d18NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the MSN Heartbeat ActiveX component which can allow remote code execution through Internet Explorer. This component is installed by some MSN gaming sites and is marked safe for scripting by default.
437cb0444e747bd19c3d33d21dc1c6e7f5bed0c0cc0ce510e105d1b9021bdcd7NGSSoftware Insight Security Research Advisory - Multiple vulnerabilities have been discovered in the AtHoc toolbar which can allow remote code execution through Internet Explorer when browsing to a specially crafted webpage.
47bfb3702c540e74e290ac45de0ac6236c9dac1d8ea51d84b10c5a95b4edf519A high risk vulnerability exists in Quicktime for Windows versions 6.5.2 and earlier.
e225e65e339978dc3071b9a5afce13c6687b3bd18967e4ff3e7c14bb2d873daaRealplayer 10.5 permits execution of arbitrary code via a malformed skin.
b743a1d74b44fe7d8b975d6c7165caf91b93e5cc4d1f958f6e38c90fd2fdf13dMicrosoft Security Advisory MS04-038 - Multiple Internet Explorer vulnerabilities have been patched by Microsoft. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
8c12c38d2335efcde6058b11b2939c069107c03e4343a03882cdaf1d2b2296eeRealNetworks Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary or malicious code on a user's machine. While they have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem.
6271c03d314637ce60285d26839c6ed02232a7c525f81fffb3637673d7cd4358NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker supplied code could be executed on the target machine. This code will run in the security context of the logged on user. Another attacker vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).
9386d33a1646cab5f7eba3a0866f4a1fc55d21938426f75fe5d480922d5d3f5b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed