The Flashblock extension suffers from a bypass vulnerability.
3abdbbc0d0c93123afc790840b3faa118624f14c03969635f0631ffcef0e04c3The Microsoft Malware Protection Engine is susceptible to two denial of service vulnerabilities.
470195fff2629e9ffcacfa65a5d39dfc77abca29a4a5d14aef9889df5fcc0c1dThe Yahoo! Assistant (3721) ActiveX control is susceptible to a remote code execution vulnerability. Versions 3.6 and below are affected.
8039debd2fc4ad573e54771c91907d5dd43665633cecefbad5b990965e1a3b4eThere is a vulnerability in TrendMicro Antivirus, which allows an attacker to escalate to SYSTEM privileges, cause a denial of service, or potentially execute arbitrary code.
cbbe329974518f2285471fa2997e42aa2c2f547dfec54c5cfd80f713192ff19cAvast! Home/Professional versions below 4.7.1098 suffer from a remote heap corruption vulnerablity when processing tar files.
9f92d4f3c6008e5617da162295351ea8967ec9216dc3cc289ad4ea33b811d385AhnLab AntiVirus V3 Internet Security 2008 suffers from a denial of service condition that may lead to arbitrary code execution.
b9871befeef9483c9341e420a26f081ceacb053a4ca88b82547337d463e7ccb7Apple QuickTime player versions below 7.1.5 suffer from a udta ATOM integer overflow vulnerability.
e03394245274b6b00e5fa22b4c2814fab82e21766b6d438a9e3795daf1e5fb32Sina UC ActiveX is susceptible to multiple remote stack overflow vulnerabilities.
a9afe17447add80ad7ac871bd7a82d4c0ead1d050043917422ca2e7989f5c4cbThere is a DACL weakness that exists in the HP all-in-one products drivers, which can be exploited by malicious, local users to gain escalated privileges.
4cdf87116b8d9ee3c3f00f60c40288c8b169a7243a24ee7362d44092701f936fThis vulnerability allows remote attackers to execute arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious Microsoft Office (DOC/PPT/XLS) file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious Microsoft Office file.
557ac5b561185b4409b354703022b4e5b04b1b7d390dcc2fe8ee31074e5ded9dApple QuickTime versions 7.1.3 and below suffers from a flaw where a carefully crafted H.264 movie can trigger an integer overflow allowing for arbitrary code execution.
6c090024f18a7c46674718dc456d8725aec97dea0295516493942ab00ae11cefA vulnerability Microsoft Powerpoint allows remote attackers to execute arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious .PPT file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .PPT file.
30b627d479aa605a484c97b5825eb6551f6f35f7202004e7be15e2a53a90f1cdAn array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.
fb609c739271a9ebe6e5cec1b2eae2fa37472dc298a788c5b6d84cdea012300dA vulnerability that allows for arbitrary code execution in Apple QuickTime versions below 7.1 can be exploited by persuading a user to open a carefully crafted .mov files or visit a website embedding the malicious .mov file.
a89f12ae3f451f766a0aca560c2172873afbd4aee6a95b6ad188f185d5f05218Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability: This vulnerability affects systems that use Double-Byte Character Sets. Systems that are affected are Windows language versions that use a Double Byte Character Set language. Examples of languages that use DBCS are Chinese, Japanese, and Korean languages. Customers using other language versions of Windows might also be affected if "Language for non-Unicode programs" has been set to a Double Byte Character Set language.
9928b78c2e165f8d0be66728788d0d369520d36f2e3f50b6f0342f762ba5d58cWinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
2ec95ea1eb4e9a0c406b4c6e8ae0c57a3f64aba3b51d781bc5062ceb434bc713Ethereal SLIMP3 protocol dissector remote buffer overflow proof of concept exploit that crashes the program. Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2.
4040c8f6a0687370d485ce7020c65239db8950551fc47099f8dc2c15e9977dfbXcon 2005: Talking About 0day
e4d859a8ae5ae21d8225ae5961d59c20dbcc3a791da1b98ee61f8c0a40955b69BNBT EasyTracker is susceptible to a remote denial of service vulnerability when accepting a malformed HTTP request. Demonstration exploit provided. Versions 7.7r3.2004.10.27 and below are affected.
f9291b23377db55f3b2c53e515326c7b8ac550f848e8a637eecb137eee6a7662LeapFTP versions below 2.7.6.612 suffer from a buffer overflow flaw when processing .lsq files.
32ec455c4bb5ce48b9e778645c2fe17108ccb537116bb2ab4c39ba6288277afcA vulnerability in PeanutHull versions 3.0 Beta 5 and below allows for local escalation to SYSTEM privileges.
e386d26672ec959f3aae1a8ff760d9fb2cce069ebf985167f901becbb46f3893Darwin Streaming Server is distributed with a web-based admin application that allows it to be configured through a web browser. Version 5.5 and below of the Windows 2000/2003 Server distribution of this package is vulnerable to a denial of service.
c987692cc8c8b1c843e510d206f9d2a49af9b2847c26be81960db8c06e8cdc78Multiple denial of service flaws have been discovered in PY Software's Active Webcam webserver version 5.5.
26151850928cc836c6124073c2ae43a20e7622af212d9438d9c3507060f714fcLocal exploitation of a design error vulnerability in the Gene6 FTP Server could allow the attacker to gain elevated Priveleges,usually the SYSTEM.
e242968e801468eec0c32ef5861e9293070e77c7459e9d37ae964bdf11eb5533TFTPD32 is susceptible to a remote denial of service attack.
08d63438b5eeee5c70a2de34a5848af21d0b764e94caf2d59984c64995ca09c9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed