The default POP3 server installed on iSeries boxes allows for username enumeration. This PDF contains a table converting POP3 login errorcodes to their actual meanings.
4d267c5719f82f3364c7ebc3a98ea3abbcbf5823e3324094c48771565765e12eThe InternetCreateUrlW function of wininet.dll, a core component of Internet Explorer, is vulnerable to a buffer overflow attack when the source buffer is copied into the destination buffer using WideCharToMultiByte. In practice this is probably only useful for Denial of Service attacks (if that) and still requires some social-engineering to actually exploit this.
ff53458ff1c02389c39168172c59ac6ab1cbb62bfdb0fc78469a4dc9190da6caOlder versions of MusicMatch (like a large number of other software packages, including core components of Windows) make an insecure call to CreateProcess. This is a local attack which requires that an attack can write files to the root of the C:\ drive, something that actually is possible with versions of Winows prior to XP.
9faba944c8b50a3f791d05142beaf4ad28418d0d8414df595ed593e83feed2eeUbuntu Security Notice USN-111-1 - A remote Denial of Service vulnerability has been discovered in Squid. Versions of ubunto up to 2.5.5-6ubuntu0.7 may contain vulnerable versions of squid.
5410ff64f8687a5559684c5a08918347a5be9390c3b89ed0c767095b795a22d2Sumus, a Internet-based cardgame program, is vulnerable to a stack-based buffer-overflow in the server component.
04b607c7c82dcc14b5382394ef565748a6ad092ebe29a4a4a2e157d6d8c1ab8dAll4WWW-
c3d17514e1fa26e0970b8916a28ed513073ce3377b213d0794119ac7f3ef0ee3Example of malformed MIDI ringtone which can be used to cause a Denial of Service condition in LG-U8120 mobile phones.
d88d8912a07b8432a22f5b3279b4ba54f57f6883f9b4a6dbd3af5acca52d6b49LG u8120 mobile phones are vulnerable to a Denial of Service condition when malformed MIDI ringtones are sent to them.
43d00dc0128c5866e3796a05f31f1e9218064ce1216fa3f9f1e729bed32d07aecpio is vulnerable to a time-of-check/time-of-use attack, where a user MIGHT be able to change the permissions of arbitrary files on the system, when cpio is being used to unpack an archive. The likelyhood of this attack working is EXTREMELY low.
adfbd806dec0f7b16d8cdda758c2e49fb3927d4e11c4c2152a78aea6d416202aIBM WebSphere Application 6 and prior are vulnerable to a JSP sourcecode disclosure issue when the Application Server and Webserver roots are configured to be the same.
f528fdb3fac42ff14cc7162becf5513975c73b196deb7b13bbcfff0c72f0f3d1Gentoo Linux Security Advisory GLSA 200504-12 - The copy_symlink() subroutine in rsnapshot follows symlinks when changing file ownership, instead of changing the ownership of the symlink itself. Versions less than 1.2.1 are affected.
a1a6ff3a18efb1b5a7fc789b905df40270bf6e2d26b9f4b368572cb426b4d8f4WIDCOMM Bluetooth Connectivity Software is vulnerable to a directory traversal exploit.
26922982be2e110326b1f4ab84e34eb26baddab981f457133c2df971e2f2f145Example predebug code execution exploit, demonstrating how programmers being loaded into debuggers can attack the machine running the debugger. Example showing simple command execution.
76d7d2479d8d488badcb0576ec9f7d6ca96d0d10a0e52cd27298f200805cd49eExample predebug code execution exploit, demonstrating how programmers being loaded into debuggers can attack the machine running the debugger.
33ca07cc4db8f94578af6e6aae40cf6f4c90465438674f0c1438b9825c9a1273
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed