Limbo CMS version 1.0.4.2 cross site request forgery proof of concept exploit.
47e85c04e1e5955077ba75b1f7d3b717ba5756af132107e06e092a769be3d40cXRDP version 0.41 and below remote proof of concept buffer overflow exploit.
3850e56fcdf1147801a0b4e75c405946f3f28619ee595802594985b5ced6241ccTorrent version 1.3.4 and dTorrent version 3.3.2 buffer overflow exploit that creates a malicious .torrent file.
0cabf0dc05b816f20a1c1c32fd253540eca55c949086c52a7967e4ace6f0749fThe parsing engine in Fortinet can be bypassed by a specially crafted and formated archive file. The bug results in denying the engine the possibility to inspect code within the archive. There is no inspection of the content at all.
7330e5a1ce82e9df459efa7a72231861338a5a8b8faa3988279a52bfc3e70f47The parsing engine in Nod32 can be bypassed by a specially crafted and formated RAR archive. The bug results in denying the engine the possibility to inspect code within the RAR archive. There is no inspection of the content at all.
d16a3930303232da6c6000c0a2a401a46a80e757ad3095cd2dae73fd1b647c35The parsing engine in AVAST can be bypassed by a specially crafted and formated RAR archive. The bug results in denying the engine the possibility to inspect code within the RAR archive. There is no inspection of the content at all.
71d1ca5d2a352a58e67248f0d06a4195472337d5f22e84e988c377d1a10de562The parsing engine in Bitdefender can be bypassed by a specially crafted and formatted CAB archive. The bug results in denying the engine the possibility to inspect code within the CAB archive. There is no inspection of the content at all.The parsing engine in Bitdefender can be bypassed by a specially crafted and formatted CAB archive. The bug results in denying the engine the possibility to inspect code within the CAB archive. There is no inspection of the content at all.
ddecd2cf5fc9845db8845c9acc356945dc8128e6106ec9e79fbafd2c19b5fdd0DNS Tools PHP Digger remote command execution exploit that acts like an interactive shell.
aa7406f9682e67162c3d51325dfb9007e9a72cb7c6d2a38bb0fdbfb0cb4a1842The Blackberry Mobile Data Service Connection is vulnerable to several cross site scripting attacks in the "Customize Statistics Page". All versions prior to 4.1.6 MR4 are vulnerable.
32a645ba20821c711d9b5be04daab2fb1198f6b02eca86a871e10c9d321e5366Online Email Manager suffers from an insecure cookie handling vulnerability.
b4668556242a49c8834b000f76f29d9c3e1530080f9666408fefae5487955aa1Online Guestbook Pro suffers from a remote blind SQL injection vulnerability.
68e5589cf2e281c07bd1ef1c99d7053d3a4c50e71c46fc831c626d50a6ce2976Kosmix.com, the web search engine, suffers from a cross site scripting vulnerability.
8718783775cdb9e9ba414d910bb66769cf945a867d9e31c81ff4f99cc8e8a579dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
9698e24363a7d65cae731214e6a604f6137e86c4f67d24b20706cc5097f13aaaratproxy is a semi-automated, largely passive Web application security audit tool optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments.
51824925542ec9c1f2120b1b5cc8c0bfcf73bceeb9fb57026dc1ad012aa1f8c5Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error in pdftops while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. CUPS version 1.3.9 is affected.
69cecc15d52272c8c8a0897ee8b9850da490e32c9e15ea296b4599e738188a11Secunia Research has discovered a vulnerability in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Xpdf version 3.02pl2 is affected.
fa077be3403b3929a797bfc8071d7acf1a0ec98e5d1dda45ab503f0dff7e7e5cTiny Blogr version 1.0.0 RC4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
f4d8663d74c8e0b57251e275478a038073bf27a9f0bb5fe9e6bdda3d79811dd9Debian Security Advisory 1774-1 - It was discovered that ejabberd, a distributed, fault-tolerant Jabber/XMPP server, does not sufficiently sanitise MUC logs, allowing remote attackers to perform cross-site scripting (XSS) attacks.
2565b30c1941de7daad6848ebfdd5a37be2d8ebdd8d9a78a4ab8141c8830833aMicrosoft Windows Media Player crafted .wav file denial of service proof of concept exploit.
0a5fdd4bdf56c261b9ba717bff3ec778f55d59214fdce4f0f79bdfdb110d8f35Microsoft Windows Media Player crafted .mid file denial of service proof of concept exploit.
4e3232dfc6303b16f8ffa4ab6be185db168c83ec0a05625dc4991859f827893aMicrosoft GDI+ crafted .png file denial of service proof of concept exploit.
102ef9e2e3f4fc1485443ba38b935c4ee56a6f71803a062f2318d86b8ff21d06Debian Security Advisory 1773-1 - It was discovered that the imagetops filter in cups, the Common UNIX Printing System, is prone to an integer overflow when reading malicious TIFF images.
71fa135bd479dc9c0f4f14a237aa3f3703bbbf0bd2d8428c61f7db7c5544afdbWhitepaper called SAP Penetration Testing with Sapyto.
74600147b1192eff71ef757b0e9db5e7916f75dcbe26c2c40be69feabefd314eSecunia Security Advisory - Some vulnerabilities have been reported in Apache Geronimo, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct script insertion, cross-site scripting, and cross-site request forgery attacks.
5e4c6a38e17fe2c9f82879ae52d68c052a5cb76812033088f319c347ed9f61d0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed