exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2009-05-16

iDEFENSE Security Advisory 2009-05-14.5
Posted May 16, 2009
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 05.14.09 - Remote exploitation of multiple buffer overflow vulnerabilities in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allow attackers to execute arbitrary code. Two vulnerabilities exist due to a lack of bounds checking when processing specially crafted Microsoft Excel spreadsheet files. The two issues exist in two distinct functions. The two vulnerabilities are nearly identical, with the differentiating factor being the value of a flag bit within a record of the file. If the bit is set, the code path to the first vulnerable function is taken. Otherwise, the code path to the second vulnerable function is taken.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1009
SHA-256 | 453d22e035785f3551f5dd9b4c765c0be2b84487078feb070cf8fca38359966c
iDEFENSE Security Advisory 2009-05-14.4
Posted May 16, 2009
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 05.14.09 - Remote exploitation of a buffer overflow vulnerability in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. This vulnerability exists due to the lack of bounds checking when processing certain records within a Microsoft Excel spreadsheet. Upon entering the vulnerable function, data is copied from a heap buffer into a stack buffer without ensuring that the data will fit. By crafting an Excel spreadsheet file properly, it is possible to write beyond the bounds of the stack buffer. The resulting stack corruption leads to arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2009-1009
SHA-256 | 8389434236ec275ba15686052b23800beb7d91e6ecc2328bb57b95587c050ba5
iDEFENSE Security Advisory 2009-05-14.3
Posted May 16, 2009
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 05.14.09 - Remote exploitation of an integer overflow vulnerability in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. This vulnerability exists when handling specific records within a specially crafted Microsoft Excel spreadsheet file. Within the vulnerable function, an integer value is read from the file. This value is later used in an arithmetic integer calculation. Since no validation is performed, an integer overflow can occur. This results in the allocation of a buffer that is too small to hold the data that is subsequently read from the file. A heap buffer overflow occurs, leading to an exploitable condition.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-1010
SHA-256 | e7d3ca952a5b943eaf5807594202a97d1c4f5d9826e4cdcd0d1270d22526cdf2
iDEFENSE Security Advisory 2009-05-14.2
Posted May 16, 2009
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 05.14.09 - Remote exploitation of multiple integer overflow vulnerabilities in Oracle Corp.'s Outside In Technology, as included in various vendors' software distributions, allows attacker to execute arbitrary code. These vulnerabilities exist in the handling of an optional data stream stored within various files. Both issues are integer overflows, and are within the same function. Within the vulnerable function, an integer value is read from the Microsoft Office file. This value is later used in several arithmetic integer calculations. Since no validation is performed, integer overflows can occur. The result is the allocation of a buffer that is too small to hold the data that is subsequently read from the file. A heap buffer overflow occurs, leading to an exploitable condition.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1011
SHA-256 | d796703c546844346e61187c1f28d228851aa35f15ef643c392eb9215a2794b9
Debian Linux Security Advisory 1800-1
Posted May 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1800-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, debian
advisories | CVE-2009-0028, CVE-2009-0834, CVE-2009-0835, CVE-2009-0859, CVE-2009-1046, CVE-2009-1072, CVE-2009-1184, CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1337, CVE-2009-1338, CVE-2009-1439
SHA-256 | 7b388dd92d5ed876c22110bec17ca2aff92c2340e883f5439fd3d883d3fbea24
Microsoft IIS 6.0 WebDAV Bypass
Posted May 16, 2009
Authored by Kingcope

Microsoft IIS version 6.0 suffers from a WebDAV remote authentication bypass vulnerability.

tags | exploit, remote, bypass
SHA-256 | ed317aa9d45ad84a8984658e30b3b9bad93a6b391762859bbceb67cb7aa1cb6b
my-Gesuad 0.9.14 Bypass / SQL Injection / XSS
Posted May 16, 2009
Authored by YEnH4ckEr

my-Gesuad version 0.9.14 suffers from authentication bypass, remote SQL injection, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, bypass
SHA-256 | 5ec6aaaa7f3c3901379ef0e2c40a140d592b5afb46d6c86053526084b5974b73
DMXReady Registration Manager 1.1 Database Disclosure
Posted May 16, 2009
Authored by S4S-T3rr0r!sT

DMXReady Registration Manager version 1.1 suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 0d1cc09a01ff8cf89d703b4ab8b2c7f586c0ed55db4bddf4e73b12007b9d66af
Audioactive Player 1.93b Buffer Overflow
Posted May 16, 2009
Authored by His0k4

Audioactive Player version 1.93b local buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | 2a6d6e5b69292c66335256c9b6bb479892daa12ddd47dac0b35e4e4934192076
Secunia Security Advisory 35088
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Submitter Script, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5f5d83404c68943ff3b6603b53ccabc42b8d2bf0abde5acddda5a3bf78d0c72d
Secunia Security Advisory 35089
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, remote
SHA-256 | 45402b87f266c65514d5675fe443f31feb1b918819b8df716d4dcc658584ba41
Secunia Security Advisory 35059
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in beLive, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | fb52c5dedb747b35ba84289a0d45200fa182b8a2b37401087e32d3dad823e2a0
Secunia Security Advisory 35087
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, remote
SHA-256 | 7b06433e8e0f2a2508cf2d585c67b81a48ebab580cdacce791bbb325d8daca07
Secunia Security Advisory 35076
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in libsndfile, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | 21e72bda2a3efa3e1dee1717199474857b38d02166b112981969ed3780be3f9b
Secunia Security Advisory 35100
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in PostgreSQL in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
SHA-256 | 7da8b00831398b1cc76711a8b2f9c9af2a1a173929d630cfc4fffbdcc8208df2
Secunia Security Advisory 35093
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | 8ea16ee1a6b0d4d5e6d217d726c1cccb7770a256eba55b49f20ba9b903d7ccbf
Secunia Security Advisory 35095
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | ac0e461e051e5711ca499a15f23ed33d598b353b99eb7eeb5bcb48071ee9175e
Secunia Security Advisory 35104
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Thomas Sader has reported a vulnerability in Eggdrop, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 952752fee03d9422054004534c86ff0ff42ac342d93a47152c52c3d2c980e3f7
Secunia Security Advisory 35097
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for cyrus-sasl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, slackware
SHA-256 | a9b5e3345bd1f55390fb546df416adf8926a06a3253b334918e41182ef4c7ec3
Secunia Security Advisory 35096
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Adobe Reader in Solaris, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory, vulnerability
systems | solaris
SHA-256 | ecfd60b3c8de0c62169b632f5d9e53329888991ff51a7968fd92c112ea4e6564
Secunia Security Advisory 35094
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cyrus SASL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | fba0759b9dc0ab16c83cfd13fac4eacd242a0d3d6a994deee1fb2b7da4bc930f
Secunia Security Advisory 35071
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - TiGeR-Dz has reported two vulnerabilities in Business Community Script, which can be exploited by malicious people to bypass certain security restrictions, and by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 80eb2a2657a973b49f493d402ecea13dc1d5c32bf56c6c7f4c11e25c6136e6ad
Secunia Security Advisory 35049
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - YEnH4ckEr has discovered a vulnerability in shutter, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | a4f27a6655dff2f10ab8079c22bf17871eea165043e686a903c307a5b7f2d111
Secunia Security Advisory 35083
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various MRCGIGUY products, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 0e1c8497a8fbfce0ecc3406c8728e115887d3caf3e6e2c051e885442d940e1d6
Secunia Security Advisory 35067
Posted May 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Easy Scripts Answer and Question Script, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | c386f4b0618b52cc2b32791d9b2f960713e65c066093fa1e1728908a9cb3eadb
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close