iDefense Security Advisory 05.14.09 - Remote exploitation of multiple buffer overflow vulnerabilities in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allow attackers to execute arbitrary code. Two vulnerabilities exist due to a lack of bounds checking when processing specially crafted Microsoft Excel spreadsheet files. The two issues exist in two distinct functions. The two vulnerabilities are nearly identical, with the differentiating factor being the value of a flag bit within a record of the file. If the bit is set, the code path to the first vulnerable function is taken. Otherwise, the code path to the second vulnerable function is taken.
453d22e035785f3551f5dd9b4c765c0be2b84487078feb070cf8fca38359966c
iDefense Security Advisory 05.14.09 - Remote exploitation of a buffer overflow vulnerability in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. This vulnerability exists due to the lack of bounds checking when processing certain records within a Microsoft Excel spreadsheet. Upon entering the vulnerable function, data is copied from a heap buffer into a stack buffer without ensuring that the data will fit. By crafting an Excel spreadsheet file properly, it is possible to write beyond the bounds of the stack buffer. The resulting stack corruption leads to arbitrary code execution.
8389434236ec275ba15686052b23800beb7d91e6ecc2328bb57b95587c050ba5
iDefense Security Advisory 05.14.09 - Remote exploitation of an integer overflow vulnerability in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. This vulnerability exists when handling specific records within a specially crafted Microsoft Excel spreadsheet file. Within the vulnerable function, an integer value is read from the file. This value is later used in an arithmetic integer calculation. Since no validation is performed, an integer overflow can occur. This results in the allocation of a buffer that is too small to hold the data that is subsequently read from the file. A heap buffer overflow occurs, leading to an exploitable condition.
e7d3ca952a5b943eaf5807594202a97d1c4f5d9826e4cdcd0d1270d22526cdf2
iDefense Security Advisory 05.14.09 - Remote exploitation of multiple integer overflow vulnerabilities in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. These vulnerabilities exist in the handling of an optional data stream stored within various files. Both issues are integer overflows, and are within the same function. Within the vulnerable function, an integer value is read from the Microsoft Office file. This value is later used in several arithmetic integer calculations. Since no validation is performed, integer overflows can occur. The result is the allocation of a buffer that is too small to hold the data that is subsequently read from the file. A heap buffer overflow occurs, leading to an exploitable condition.
d796703c546844346e61187c1f28d228851aa35f15ef643c392eb9215a2794b9
Debian Security Advisory 1800-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak.
7b388dd92d5ed876c22110bec17ca2aff92c2340e883f5439fd3d883d3fbea24
Microsoft IIS version 6.0 suffers from a WebDAV remote authentication bypass vulnerability.
ed317aa9d45ad84a8984658e30b3b9bad93a6b391762859bbceb67cb7aa1cb6b
my-Gesuad version 0.9.14 suffers from authentication bypass, remote SQL injection, and cross site scripting vulnerabilities.
5ec6aaaa7f3c3901379ef0e2c40a140d592b5afb46d6c86053526084b5974b73
DMXReady Registration Manager version 1.1 suffers from a remote database disclosure vulnerability.
0d1cc09a01ff8cf89d703b4ab8b2c7f586c0ed55db4bddf4e73b12007b9d66af
Audioactive Player version 1.93b local buffer overflow exploit that creates a malicious .m3u file.
2a6d6e5b69292c66335256c9b6bb479892daa12ddd47dac0b35e4e4934192076
Secunia Security Advisory - A vulnerability has been reported in Submitter Script, which can be exploited by malicious people to conduct SQL injection attacks.
5f5d83404c68943ff3b6603b53ccabc42b8d2bf0abde5acddda5a3bf78d0c72d
Secunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
45402b87f266c65514d5675fe443f31feb1b918819b8df716d4dcc658584ba41
Secunia Security Advisory - A vulnerability has been discovered in beLive, which can be exploited by malicious people to disclose potentially sensitive information.
fb52c5dedb747b35ba84289a0d45200fa182b8a2b37401087e32d3dad823e2a0
Secunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
7b06433e8e0f2a2508cf2d585c67b81a48ebab580cdacce791bbb325d8daca07
Secunia Security Advisory - Two vulnerabilities have been reported in libsndfile, which can be exploited by malicious people to compromise an application using the library.
21e72bda2a3efa3e1dee1717199474857b38d02166b112981969ed3780be3f9b
Secunia Security Advisory - Sun has acknowledged a vulnerability in PostgreSQL in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).
7da8b00831398b1cc76711a8b2f9c9af2a1a173929d630cfc4fffbdcc8208df2
Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
8ea16ee1a6b0d4d5e6d217d726c1cccb7770a256eba55b49f20ba9b903d7ccbf
Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.
ac0e461e051e5711ca499a15f23ed33d598b353b99eb7eeb5bcb48071ee9175e
Secunia Security Advisory - Thomas Sader has reported a vulnerability in Eggdrop, which can be exploited by malicious people to cause a DoS (Denial of Service).
952752fee03d9422054004534c86ff0ff42ac342d93a47152c52c3d2c980e3f7
Secunia Security Advisory - Slackware has issued an update for cyrus-sasl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
a9b5e3345bd1f55390fb546df416adf8926a06a3253b334918e41182ef4c7ec3
Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Adobe Reader in Solaris, which can be exploited by malicious people to potentially compromise a user's system.
ecfd60b3c8de0c62169b632f5d9e53329888991ff51a7968fd92c112ea4e6564
Secunia Security Advisory - A vulnerability has been reported in Cyrus SASL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
fba0759b9dc0ab16c83cfd13fac4eacd242a0d3d6a994deee1fb2b7da4bc930f
Secunia Security Advisory - TiGeR-Dz has reported two vulnerabilities in Business Community Script, which can be exploited by malicious people to bypass certain security restrictions, and by malicious users to conduct SQL injection attacks.
80eb2a2657a973b49f493d402ecea13dc1d5c32bf56c6c7f4c11e25c6136e6ad
Secunia Security Advisory - YEnH4ckEr has discovered a vulnerability in shutter, which can be exploited by malicious people to conduct SQL injection attacks.
a4f27a6655dff2f10ab8079c22bf17871eea165043e686a903c307a5b7f2d111
Secunia Security Advisory - A vulnerability has been reported in various MRCGIGUY products, which can be exploited by malicious people to bypass certain security restrictions.
0e1c8497a8fbfce0ecc3406c8728e115887d3caf3e6e2c051e885442d940e1d6
Secunia Security Advisory - Some vulnerabilities have been reported in Easy Scripts Answer and Question Script, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
c386f4b0618b52cc2b32791d9b2f960713e65c066093fa1e1728908a9cb3eadb