Paul Byrne of NGSSoftware has discovered a critical vulnerability in Apple QuickTime's implementation of the Indeo codec. It may allow an attacker to execute arbitrary code on a user's system when the user plays a malformed movie file in QuickTime that contains video encoded with the Indeo codec. QuickTime versions prior to 7.5.5 are affected.
294d4d92242e2bbc07de498d8204dd8a
The Baidu Hi IM client software suffers from a denial of service vulnerability.
bbbf6aeed6465d77771ab86989e89ef0
Secunia Security Advisory - -tmh- has reported a vulnerability in Powies PSCRIPT Forum (pForum), which can be exploited by malicious people to conduct SQL injection attacks.
7fd26302049c283772ec11409530936a
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in WebSphere Application Server.
43fdc67567e20a3c3e861cdb21209f49
Secunia Security Advisory - Nortel has acknowledged a vulnerability in Nortel Switched Firewall products, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
1748fcd9ed4cd3a9a652fa52f138149e
Microsoft Windows is prone to a kernel-related denial of service condition due to the way srv.sys handles malformed WRITE_ANDX SMB packets. Metasploit exploit code included.
25af0dea610017b0a37c7579326b9e5f
CzarNews versions 1.20 and below suffer from an account hijacking SQL injection vulnerability.
29d950871e395adf3befdbc3b248e3e0
CzarNews versions 1.20 and below remote SQL injection exploit that uses the cookie.
95b1fbfc40a9f7ed31e43f21632506fb
Secunia Security Advisory - Debian has issued an update for git-core. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
15605784e405a7daf74da494ecc6426c
Secunia Security Advisory - FIREH4CK3R has reported a vulnerability in vbLOGIX Tutorials Script, which can be exploited by malicious people to conduct SQL injection attacks.
97f5d02ec4083222c39a6c0890ca9007
pGalerie version 1.0 suffers from a remote SQL injection vulnerability.
3f5df9d01c240a57b5ea341e4904aca8
Web 4U Ghana suffers from a remote SQL injection vulnerability.
e21aa0484a368ad0504912715fed83d5
A Website For All suffers from remote SQL injection vulnerabilities and also has a default password.
d5e0d640b7237844cd930907d647468b
Debian Security Advisory 1637-1 - Multiple vulnerabilities have been identified in git-core, the core of the git distributed revision control system. Improper path length limitations in git's diff and grep functions, in combination with maliciously crafted repositories or changes, could enable a stack buffer overflow and potentially the execution of arbitrary code.
86e90f113df62d1e1534171635a605b7
cPanel versions 11.x and below suffer from a local file inclusion vulnerability that allows for system compromise.
e6f203cb984696d7b2574759474eca42
Horde and Turbo Contact Manager version H3 2.2.1 suffers from cross-site scripting and remote java file inclusion vulnerabilities.
3e8424f9bd1f5d4ffe1d8ba251266b8f
Paper discussing playing with sockets and port scanning.
1b2cc491a1edef335cc4166fa98db010
New Downline Builder suffers from a remote SQL injection vulnerability in tr.php.
298eea9eb94d9fc4b96403e86a20a5cd
Downline Goldmine Builder suffers from a remote SQL injection vulnerability in tr.php.
3d4d122a36b1bbe9651cf5840d4c609f
Category Addon suffers from a remote SQL injection vulnerability in tr.php.
78128d85dc7df61892ab3f43d217e79a