Ubuntu Security Notice USN-738-1 - Diego Petten discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program.
142d7caef8306ce3d9680632ff5816cfb188d0250570f70c3e4e04b9f8e64061Ubuntu Security Notice USN-734-1 - It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media (OGM) files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics (DCA) files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie (4xm) files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
5537267f70415650662292211f6955cbc9cb714e91da9e07fce11f6086570d49Gentoo Linux Security Advisory GLSA 200903-29 - Insufficient input validation in BlueZ may lead to arbitrary code execution or a Denial of Service. It has been reported that the Bluetooth packet parser does not validate string length fields in SDP packets. Versions less than 3.36 are affected.
184f9a14664dd2c864cbcdbbb51cc6287248747445a5ee6b4aa4a2323828212aUbuntu Security Notice USN-737-1 - It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.
f874a8bcf1deb0809b7e56c5833224376f539f277c373bf447e52e2715662ad5Ubuntu Security Notice USN-735-1 - It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges.
fd424f82cf882fbd59608a64ee9ee0e070c4235da7e96a3c94f60a15d7238d77Ubuntu Security Notice USN-736-1 - It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample (ctts) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Sync Sample (aka stss) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Time-to-sample (aka stts) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
e96fd857e4e7e1dc33b464d15c6b61d1bc385283c3b430689d54b60a852623f3Ubuntu Security Notice USN-733-1 - It was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.
c4665932c1a0959c853aa9bf23b3fcffd576ffaaa83886aadc7e7e6ea61da20aThe 3rd edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil on June 22nd.
acdc792127ef48abc2600c94f20efea05afb74e7c70ed819d89a7ddebe06c73bWinAsm Studio version 5.1.5.0 local heap overflow proof of concept exploit.
70c72405b8626aa69f6cb46da6dc65e650d6eab7c983066770c56348bf74ebc0Kim Websites version 1.0 suffers from an arbitrary backup download and phpinfo disclosure vulnerabilities.
39735faafcaec39dd0ceafca9d97be5a35310db3e4e4a66de2f406114c199703This is a small piece of shellcode written in assembler that can scan the user-land address space for small blocks of memory ("eggs") and recombine the eggs into one large block.
8f64a632ae31b520f87ac44f9927c36b3d08aeef8e12e7ea7b7456352c7aadbbOpenCart version 1.1.8 suffers from a blind SQL injection vulnerability.
4afbb0b776c1f7f3dcf3c064b4802ac815d06428bdfaa3c74451542cf3a8b160Proof of concept exploit for a local buffer overflow vulnerability in GOM Encoder version 1.0.0.11.
58d6dbc87679dc206331add6d6a07dc1a400ec6b33bd5051b484e6f168dfa930phpFoX version 1.6.21 suffers from a cross site request forgery vulnerability.
58612fada80c96469c3975032d84433f03940bb3619168cab8d70b088432e138Debian Security Advisory 1742-1 - Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution.
a37ce76a07759aa2c00c1ba6f442f62a8e9d2ce0729a65e12e9c1b573afa3af3Short tutorial called SSH Tunneling and SSH Port Forwarding.
926defa41e4a65db97daa334314e4326f0043f734a5e09258d78875539d0a316Gentoo Linux Security Advisory GLSA 200903-28 - Multiple vulnerabilities were found in libpng, which might result in the execution of arbitrary code. Versions less than 1.2.35 are affected.
bc9fa888d3762a9db0b644b2ba836732cc538b8c7ed65bacade59f0336bf2361Google Chrome version 1.0.154.48 single thread alert out of bounds memory access exploit.
aee43125382eb8595c468b2807c49b4a03835d0339d0495c6b07dfe3afc90195Cryptographp version 1.4 suffers from a file disclosure vulnerability.
c1fc5b8afabf812c4cd990c25c93a85e1883362363d31e338f0d0660a5d49b64Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
7ba1c4d05320cca514a145d5c8c6f913d21e5f7f72cd9d1dcb7d10c0333b5f5bXplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc.
ec89c87b5dacd6f201e2078550115234eed3074ba07c6eb7006c38acee229079Rosoft Media Player Free version 4.2.1 local buffer overflow exploit for multiple targets. Binds a shell to port 7777.
836ab9f988813f2edd4d96a5ec2c0a7f3aa258f64d8974ed5d8d53255343484fGOM Encoder Demo versions 1.0.0.11 and below suffer from a buffer overflow vulnerability.
f2e0f2e0540fd0f79188643dd66a89c38e2127a6469f2774d2964dde01db10b1Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode reference crash exploit.
02291ecdde47dce048dcb42adac3b1508cdea7e7ab5645016e1f5be7b0b67ea1Rapidleech versions prior to revision 36 suffer from arbitrary file download, local file inclusion, and cross site scripting vulnerabilities.
7d9872255ecc7e5a71246813fc98462efee5cccb388c1fc567fb276b2a59fe29
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed