Netragard, L.L.C Advisory - Sonexis ConferenceManager version 9.3.14.0 suffers from a remote blind SQL injection vulnerability.
1f9f92a63ad712d5bdad484011567b4dc9edf18843008ce146b3c460e4a79e40Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.
b4e62b2f700ce3815f78c1991849fbb9ad953a16a199be95b8d4740f1b5ad9a7Netragard, L.L.C Advisory - The libxml library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. Safari uses the vulnerable libxml library and can be attacked via the feed:// input vector. Versions below 3.2.3 are affected.
9012ec278979cbf1e8f349fe20406fb03ef5ed6f98fa19b6fa6209f214f162f3Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point.
e15a68a398d9fbb9df850bb9e64eb1d67cbb71a7114d0a7fa4d220d64af99af9Netragard, L.L.C Advisory - The Cambium Group Content Management System (CAMAS) Failed most Open Web Application Security Project ("OWASP") criterion during testing.
6dc9216857c8b8a7de3efc27c3d5195a6260f1f1903675c0dbdb8d568555f4bbNetragard's account of using Facebook to earn the trust of a company's employees and turning the tables on them.
07fe17adad384be9b339492dc7d5434525fa2531f80cffe9d1b7b53cb9c1ae1aNetragard, L.L.C Advisory - Core Image Fun House versions 2.0 and below for OS X suffer from a buffer overflow vulnerability when a specially crafted .funhouse file is leveraged. Proof of concept code included.
6c6bce17e27550c78e31772953580b27edbf6c06eb465a112c51012482a46cacNetragard, L.L.C Advisory - Netragard's SNOsoft Research Team discovered two critical vulnerabilities in the OpenBase SQL Relational Database that can lead to full system compromise. OpenBase versions 10.0.5 and below are affected.
461394d46dce182dddd5cd5ac8284bec3acbe0ca019c1b7a15477e4a510c19e6Netragard, L.L.C Advisory - Maia Mailguard versions 1.0.2 and below suffers from file read and directory traversal vulnerabilities that allow for remote code execution. Details provided.
d36bb22c015e1a08a2926bcf374d2972835a70bfa94c4a09681029459a05bf6fNetragard, L.L.C Advisory - An exploitable vulnerability exists in FrontBase that can be used to gain NT AUTHORITY\SYSTEM or root privileges on an affected system. FrontBase versions 4.2.7 and below are affected.
cd42c535ea4a9cbfa1eb848bf2b4eff416a1e0f36719dba4953b028de6dfb69eRoxio Toast 7 Titanium on Mac OSX executes the kextload command with root privileges. The kextload command contains two vulnerabilities which can be exploited by a local user to gain local root access to the system. This advisory outlines both issues.
4d9a1d1c4b802566deb492490350c56c3638f0b626e4adf257715a70770d86bbDeja Vu, which is bundled with Roxio Toast 7, creates ruby scripts in the /tmp directory. These scripts contain commands which are executed with escalated privileges. A race condition exists which makes it possible to execute arbitrary commands against the system or gain root level access.
dceb4c62c12876daaa9c13d289451d6a39385dd8a1b2de27fbeba98c759b1b3bRoxio 7 Toast contains locally exploitable vulnerabilities due to insecure system() by calls by suid binaries which use the user's $PATH environment variable.
a9a41ad652cad025669286ea026676bda759c1424a925ade740e5e98f354c33a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed