The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).
3962113ae17c146b5640bd4ec12da7a3f96a4ed5be77c2f201e85de1071f6d9e
PHP versions greater than or equal to 4.0.7 and less than or equal to 5.2.1 suffer from an arbitrary variable overwrite in import_request_variables().
5fa15988075ab903a6fb5db15ca53a4cf5cbc587310a227e5c83e5aa6494637b
Article discussing file management security issues in Microsoft Windows Vista/2003/XP/2000.
af2416acea7784325eb7b5e5fd487071fe970b7a59fd3bfa82407217ee7559d8
Whitepaper discussing various port scanning techniques with explanations, diagrams, and examples using Nmap and Hping3. PDF version.
c0dd9c2daf75d423372e3098be822433dd1a7a63f0118e0a205fe59b2b971571
Whitepaper discussing various port scanning techniques with explanations, diagrams, and examples using Nmap and Hping3. Text version.
d3019251c4f27b4d2fb8cce28300a408be8e83c9a19904cca9e409520ba51ed4
Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
c5cdff64d715a5ff1636f58d8abe75e80d9cf94154c2f6c414ecfa5963b5f403
Mandriva Linux Security Advisory - Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
6b5b611577e93ca97e04c8e9a9708f6ef4e8e175667239866876ec1cabe8ae60
Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
98e19e2b7caff2cbb310887cdedbd0652b406d4d07adca198bf3b319303a428d
Mandriva Linux Security Advisory - ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
151bc594bf49a8d4c06b8d0066b3308be2e049c336aacb3b9f336c29486f9541
Ubuntu Security Notice 432-1 - Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was entirely signed by the original sender.
b20afc54d5ee0271c49512ca07738acf7c820aafc428e8929919d4c440074d7c
Ubuntu Security Notice 424-2 - USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem.
e310fb1be714d20b26c72bf2cab12289e3cc50abbc9dc4f113ed397d55290dbe
PHP version 4.4.6 crack_opendict() local buffer overflow exploit.
94c68df67e2e1df9884d7e59cdc21affda88015442b720d1db00be61a81e5c00
Black Hat USA 2007 Call For Papers. Black Hat USA Briefings 2007 takes place at Caesars Palace Las Vegas, Nevada, July 28-August 2.
39881c79d18cff4a2243ee345d72c9e352f1ba186ebc8a37744b40431f26e9fb
dynaliens versions 2.0 and 2.1 suffer from admin bypass and cross-site scripting vulnerabilities.
7ba86a132b64ef2603f7d81fe45715ad0422256df5f5da3b27ad3b7c7e64ec30
Asterisk crashes when handed an otherwise valid request message but with no URI and no SIP-version in the request-line of the message. Asterisk versions 1.2.15 and 1.4.0, along with prior versions, are affected.
4df0189ab0730598e7eef2261fe6960b91fbe72020bb219fd37a290679ce1e96
Conquest versions 8.2a (svn 691) and below suffer from buffer overflow and memory corruption vulnerabilities.
858134cf9631a43c96c8ccdb82c9d9e1ae83103f68ee6d3468c7fa13d3ca8cd0
Winamp versions 5.12 and below crafted .PLS file remote buffer overflow exploit. Written in Perl.
07d8b624ae8c747343fe22839b4742a9d2799a0d8bc965bb30020428d8281dde
WinZip versions 10.0.7245 and below FileView ActiveX buffer overflow exploit.
13135b625739a870d46e0156520936ebef5b93a66dc0bdbacf68dd04b7de0584
mod_security versions 2.1.0 and below suffer from a POST rules bypass vulnerability.
b3244d2e4f4855891b5b0d5e7fdac24d64fef9bb75f24aacf1299123e1bdf3bb
PHP versions 4.4.5 and below and 5.2.1 and below shmop SSL RSA private key disclosure exploit.
534c6aa03aa244af3fb2bbddad9f72491afa2df620545dc250817d60a24cf3cc
Snort versions 2.6.1.1, 2.6.1.2, and 2.7.0 remote denial of service exploit.
64c07aec5e8b5052f034febd2b9696cf0e4590dcd7684d523ffe6b812079b68f
Debian Security Advisory 1264-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.
8e3df8f485e671883be6bec88e44bb6c9e66f4edf58ff94affb4718bc6fd522c
A vulnerability allows attackers to execute arbitrary code on Apple QuickTime Player version 7.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of forged size fields in user-defined data atoms (UDTA). Setting this field to an overly large value causes an integer overflow, resulting in an exploitable heap overflow. Successful exploitation results in code execution under the context of the running user.
3c46b27729a5cc0f77a4436b174b66b57347bfc4d93cec3e17ad567beaa38d7d
A vulnerability allows remote attackers to execute arbitrary code on Novell NetMail version 3.5.2. Authentication is not required to exploit this vulnerability. The specific flaw exists in the webadmin.exe process bound by default on TCP port 89. During HTTP Basic authentication, a long username of at least 213 bytes will trigger a stack-based buffer overflow due to a vulnerable sprintf() call. Exploitation of this issue can result in arbitrary code execution.
ffb6df8237fe772875dbde8970d3255dc11ed6808126cdb08a3ecb0b4b34fa8b
PhpMyAdmin versions 2.9.2 and below suffer from cross-site scripting and cross-site request forgery flaws.
c091998521db907f610d4211ad5dff7c231c9f9f496f1e6d1d635a31d5158d5b