Typo3 CMS versions 6.2.14 and below and 4.5.40 and below suffer from a cross site scripting vulnerability.
5fe660afc121bc98f78855bc4c8a79507bdd0980f0cc631158e37e50937cd828Multiple buffer overflow vulnerabilities have been identified in Yahoo! Messenger versions 11.5.0.228 and below.
9d26e574742a05e0d9ed0da0fc36fb791f73fe5d0fc5808ba608861876ba8aafThis Metasploit module exploits a stack-based buffer overflow vulnerability in GetGo Download Manager version 4.9.0.1982 and earlier, caused by an overly long HTTP response header. By persuading the victim to download a file from a malicious server, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.
d221161463d2ce4c841da81d4b8047cf3a870adfd262c14d29a88c0aff92cacfEasy File Management Web Server versions 4.0 and 5.3 contain a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.
2039514b66ce596ea64365ef4991d5e6a022c978a82c9ac5be853aebebb0af20Easy File Management Web Server version 5.3 USERID remote buffer overflow exploit.
b364c7edc6c03e244a4a4f0e0f4d9b842e07eab722f99c60858b54553b348888Free Download Manager versions 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and possibly others are affected by a stack-based buffer overflow vulnerability. Proof of concept code included.
d757234aa82969bb55c4498cb2fc25d5a4f629a3efd5fc1a69edf4175c7a988aGetGo Download Manager version 4.9.0.1982 HTTP response header buffer overflow remote code execution exploit.
b71f7cfd63c6e6d52aa0cd84b8e6587aad6d03dad7f571d24247fbf0842affa4GetGo Download Manager versions 4.9.0.1982, 4.8.2.1346, and 4.4.5.502 suffer from a stack based buffer overflow.
37e7b43cd0b640f958d68aebcb6fef26f37e335a1fdb848743f568b90af6185cVideoCharge Studio version 2.12.3.685 GetHttpResponse() man in the in middle remote code execution exploit.
228da2a55f85e238a38f51f0a1e8c982a474297369a89295f5a2d46727406ec5VideoCharge Studio version 2.12.3.685 suffers from a stack buffer overflow vulnerability.
73fd64057ffa4960396c8186ba3b099299420ab0955d8d2a7ad8d4308d44e0ebKingsoft Office Writer 2012 version 8.1.0.3385 SEH buffer overflow exploit that creates a malicious .wps file that pops calc.exe.
b7d9ad349ded8a5a19c71d80cba93ff175a9354bd4e6012b41c0c8d3a2f14174Avira Secure Backup version 1.0.0.1 build 3616 suffers from a buffer overflow vulnerability.
8a2c729190e444854e9eea2ba4a3bf9fc83b7990ca632fb6cff00b8e685190a9Watchguard Server Center version 11.7.4 suffers from multiple reflective cross site scripting vulnerabilities.
21a7488291867114eeb368131b1bd0f179b36af50dd69fe04235cd15e9d10e81Watchguard Server Center version 11.7.4 suffers from a dll hijacking vulnerability with wgpr.dll.
b67a720d0a797532d0f3e4fea6a5b7cd8823f0a69b548c11cca0352f1007db8eThis Metasploit module exploits a buffer overflow in ABBS Audio Media Player. The vulnerability occurs when adding an .lst, allowing arbitrary code execution with the privileges of the user running the application. This Metasploit module has been tested successfully on ABBS Audio Media Player 3.1 over Windows XP SP3 and Windows 7 SP1.
8e7dbe90958fe8302802551dc7fa864bd2477fa21cadd92aa30a40e30889a87bAn invalid pointer dereference vulnerability has been identified in WinAmp version 5.63. The application loads the contents of the %APPDATA%\WinAmp\links.xml on startup (the key lngId="default") and while browsing through the bookmarks in the Browser view of the GUI, but does not properly validate the length of the string loaded from the "<link name>" and "<home url>" keys before using them in a pointer call in the library gen_ff.dll, which leads to a invalid pointer dereference condition with possible code execution.
99fc912aec9bf8e6915bfe5b9f35e6490007597a4a95e0a25c852c3364dc998fWinAmp version 5.63 suffers from a stack-based buffer overflow vulnerability. The application loads the directories in %PROGRAMFILES%\WinAmp\Skins on startup to determine the skins that have been installed and to list them in the application menu point "Skins" and in the Skins Browser. But the application does not properly validate the length of the directory name before passing it as argument to a lstrcpynW call in the library gen_jumpex.dll, which leads to a buffer overflow condition with possible code execution.
a76ea933b9df26a37cc6888564494cffff7f2cecd9238e9b31fca155cae86ed4A local privilege escalation vulnerability has been identified in Photodex ProShow Producer version 5.0.3310. Insecure file permissions on the executable file "scsiaccess.exe", which is used by the application service "ScsiAccess" under the SYSTEM account, may allow a less privileged user to gain access to SYSTEM privileges. A local attacker or compromised process is able to replace the original application binary with a malicious application which will be executed by a victim user or after a ScsiAccess service restart.
d3fa045e2673851c540274839e21d86b9ded844acad5b02695a52999b8f3dffdHP Intelligent Management Center version 5.1 E0202 suffers from a reflective cross site scripting vulnerability.
7911d915326d86bec4aa7bcdd5bae2ad5bd871c1220a20f5aee4f992e29eaf0dPhotodex ProShow Producer version 5.0.3297 suffers from an insecure library loading vulnerability. Proof of concept code included.
37042fd4c529e3d7db8443fd5e77c902abe947c3615533a5f6e2701744019f79Photodex ProShow Producer version 5.0.3297 suffers from a stack-based buffer overflow vulnerability. When opening a crafted transition file (.pxt) the application loads the "title" value from the pxt file. The application does not properly validate the length of the string loaded from the "title" value from the pxt file before using it in the further application context, which leads to a buffer overflow condition with possible code execution via overwritten SEH chains on Windows XP/7 32bit. Proof of concept code included.
ea2d7dca9a83d313a225c8b9a5f034f06ab679db12c229e96637363431e9c049A memory corruption vulnerability has been identified in Photodex ProShow Producer version 5.0.3297. When opening a crafted style file (.pxs), the application loads the "title" value from the pxs file. The ColorPickerProc function does not properly validate the length of the string loaded from the "title" value from the pxs file before using it in the further application context, which leads to a memory corruption condition with possible code execution depending on the version of the operating system.
4c548ccf5e23c74bf6aebf62a75caa02e6097be464986683796f64a9f92f7c47Photodex ProShow Producer version 5.0.3297 suffers from a stack-based buffer overflow vulnerability.
8950afe8c76bac1b5fc520a0e7b3f1321468130de042fa250c83d0f3ac59b4f8The Serva version 2.0.0 DNS server suffers from a QueryName remote denial of service vulnerability.
b5cbd744342ad1eecd6b836f545154e91f162a2f846c7f9001896942b50d5e8dThe Serva version 2.0.0 HTTP server suffers from a GET remote denial of service vulnerability.
001b100a5c4e82ff91b36a959ef4c456faa5256c9837bae79b525146f1d84dc1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed