txtBB versions 1.0 RC3 and below suffer from a HTML/Javascript injection vulnerability that allows for privilege escalation.
83be17128bca52eeeb3d407c98a098dcdc7d4a9f0391d6afc260ecee0531a606Whitepaper called Exploiting Web 2.0, Real Life XSS-Worm.
de5ab8adb4270d52d585f53dd3f643708a861804db127890d71fbc495b960293GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
692a956d0280424ec1d44745090b00118e2cf07a274621cb29f555857ad3325cScannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
9ce9c0fc5de9173c30ea4e53ff3bea5c330c99325454f89e30e2d70b0704619fC4 SCADA Security Advisory - Areva T+D E-TerraHabitat and E-TerraPlatform solutions suffer from denial of service and privilege escalation vulnerabilities.
313222dd8a72c861545fb4fffdbb7ca944ab74de61117f8bcd90eb111c777005ClearBudget version 0.6.1 suffers from local file inclusion and insecure cookie handling vulnerabilities.
c2c45a31b0dd169bc8ff555020a1b36a476458018305ef9ae62593b12ec0230fClearBudget version 0.6.1 suffers from a database disclosure vulnerability.
72f1c6e82c863b2b6e34cbae5b7099ed14a6023b13560cdabe605925a4bab8b2Nokia N95-8 browser crashing denial of service exploit. Apparently this vulnerability also affects Firefox 3.06 causing a stack overflow.
86dfd323b43887238748e4a0706ff35c4404cb91073d28fa6fd5e401195533faProof of concept exploit for the FeedMon version 2.7.0.0 outline tag buffer overflow vulnerability.
36cff8e5f3605de8b129d70a05eacba2f012ba2169b898cb90a83b34a302ab11dBpowerAMP Audio Player local buffer overflow exploit that spawns a shell on port 7777.
02db4c29210f95e0efd9bfe1daf53b23d6a7a7911428635f98ee77c62041d35dSecurityFocus.com suffered from a linked cross site scripting vulnerability in the whitepaper search section.
cd205aed5150ef5a15c952b41b9b02bba56e8c5d159a9e21c9894b8930705d8eFeedDemon versions 2.7 and below suffer from a remote buffer overflow vulnerability.
cc0d40472e74081a342c3ee71a086147180630b62e1d792fd074ed7e63407b1cGR Note version 0.94 Beta suffers from a remote database disclosure vulnerability.
e4e954066f4c8d75208d2a6a631043dfc1b88ca315f71f7a0367922f62065d95The prdomain business register suffers from a remote SQL injection vulnerability.
2899c9f2295dfd56c2e175b8f59c62e03f2f77395349c496b0bdccf6bf324e19Debian Security Advisory 1717 - Stefan Cornelius discovered a buffer overflow in devil, a cross-platform image loading and manipulation toolkit, which could be triggered via a crafted Radiance RGBE file. This could potentially lead to the execution of arbitrary code.
265e84e682128cc2db4b0e85ebb3365be5c458f93067eff4a6edd31c6a500945Kipper version 2.01 suffers from cross site scripting, local file inclusion, and database disclosure vulnerabilities.
1d73cfe83d80e0a5b7cd0efb387b348bb8dceb98684fcd7db4bbf1e231553ceeThe Drupal Link module version 5.x-2.5 on Drupal 5.10 suffers from a cross site scripting vulnerability.
3e2442e480ab223cc24f6ee320ce3b85120926b9167e229e54754da3df85805fUltraVNC and TightVNC integer overflow proof of concept exploit.
ee4fc95781d5555e777203dd6d8110e53eb07ac2a46c4a04f7d1ce1780be7ae2Secunia Security Advisory - D.Mortalov has reported some vulnerabilities in 4Site CMS, which can be exploited by malicious people to conduct SQL injection attacks.
be1ac3054d553a1db1c0e16cf5ad5c488168802fbe8343310da83aa160f1e773Secunia Security Advisory - Fedora has issued an update for roundcubemail. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.
e01358e092f09844126cd4a0f2041a702452ae455f71d3497f10e26cb3558b92Secunia Security Advisory - Some vulnerabilities have been reported in multiple Cisco Products, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malicious users to bypass certain security restrictions.
d76004fb0db35ad33afdcedd20c620eea016a28e1c2e6b8b1a83c3667f192032Secunia Security Advisory - Fedora has issued an update for gpsdrive. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
fdad77de7aee2e0c002b6182e26c6054d68cb77f5f9bf74f112ead766795b5e7Secunia Security Advisory - Fedora has issued an update for nss. This fixes a security issue, which potentially can be exploited by malicious people to conduct spoofing attacks.
ce3306cb6c676a7dce98d9664374322af299a4e7265ce58743cb74eaa270c53bSecunia Security Advisory - A vulnerability has been reported in the Views Bulk Operations module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
35fc57118d9208cdd03c6131855cedad4ef1eaaa7bb6b03d6031cfeef1681c41Secunia Security Advisory - A vulnerability has been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.
a0b140dd40cb2bac576cef892365adff587801780b298bb1fa362fd632504879
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed