Core Security Technologies Advisory - CUPS versions 1.3.9 and below suffer from a handling flaw of the IPP_TAG_UNSUPPORTED tag that allows attackers to cause a remote pre-authentication denial of service.
c015aeb8f199c04414df0ffabb0edc2e28089f8b3418871e171f578104ffebe6Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the parsing of Sorenson Video 3 content. This can be exploited to corrupt memory by tricking a user into viewing a specially crafted movie file. Successful exploitation may allow execution of arbitrary code. Apple QuickTime version 7.60 is vulnerable.
2e8725bc5e81954431c94cc73cb01854f146743cc2a8cba41eb8c54fdb5a54c7Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the processing of MS ADPCM encoded audio data. This can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. Successful exploitation may allow execution of arbitrary code. Apple QuickTime version 7.6 is vulnerable.
a2a4b3b1f79137e0bdaa1f56ec9cb556a63484d2f019f3520bd9593a4fd3fe1bWhitepaper called Updating Botnets Via Google's Search Engine.
89aef8825142a806903bcb4d94ec5dd228e0a86849caddfb795935b0c5dfc52dWhitepaper called Don't Trust In Technology. Written in Italian.
d2906d3113ef8d8b529020b8406551b2c8d905ae85b032194ee6ee467477c9baThe Call For Papers for the 26th Chaos Communication Congress (26C3) has been announced.
3c96bd0fb88ae090aa0eecbcc302d0c01ad04ac56d8aec896aa9b4ac8c784a51iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
cbc14665d325634318ebd6f792f8dc2229101bd5a55232420570538612f6a5e4Debian Security Advisory 1810-1 - Anibal Sacco discovered that cups, a general printing system for UNIX systems, suffers from null pointer dereference because of its handling of two consecutive IPP packets with certain tag attributes that are treated as IPP_TAG_UNSUPPORTED tags. This allows unauthenticated attackers to perform denial of service attacks by crashing the cups daemon.
1bd16047f6f2688935a4db4002019a5bca9dee9d10b9673b7d868bce30d1c98dDebian Security Advisory 1809-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation.
79f152838b2185e00ecf0e1f8740e157acf2c11de21d97e03e413d77ae6237cdMandriva Linux Security Advisory 2009-126 - mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.
d75dbdd02f95a5496ef2f20a32e2a3f13f0c249712a243749d06c3cc529fa049Ubuntu Security Notice USN-778-1 - It was discovered that cron did not properly check the return code of the setgid() and initgroups() system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid() check referred to by CVE-2006-2607.
2decf7efb1d005a42b975f3509694bbfbad095d66021d849be47225bcf814e56Podcast Generator versions 1.2 and below suffer from local file disclosure, local file inclusion, remote file inclusion, and local file deletion vulnerabilities.
4aeefc4eae624bc775c6b58b0b66219b1e2d528166919c641d29c6126b787657WebEyes Guest Book version 3 suffers from a remote SQL injection vulnerability in yorum.asp.
142c95252c039044d6bb652dfe24522a741017bbbd3c997ede9334c57927324cThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Terminal. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of 'CSI[4' xterm window resizing escape code. When a very low negative value for (x, y) size is set, an integer overflow occurs resulting in a memory corruption. This can be further leveraged to execute arbitrary code under the context of the logged in user.
20ae37d091c7aa40b2e3352124f58f68bb08d2f96fd590e14194979db31572c4This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iTunes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers "itms", "itmss", "daap", "pcast", and "itpc" an exploitable stack overflow occurs. Successful exploitation can lead to a remote system compromise under the credentials of the currently logged in user.
8d637afa2075e90e1be84aa4abb5915cf1bc7f9771a686d21746d62b6f3f9b6dZero Day Initiative Advisory 09-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of PICT files in QuickTime.qts. While processing data for opcode 0x71 QuickTime trusts a value contained in the file and makes an allocation accordingly. By providing a malicious value this buffer can be undersized and subsequently can be overflowed leading to arbitrary code execution under the context of the user running QuickTime.
687d2c8c0a4b9f669cf8e1bbe05279d52cb42f9b1296cbb1e631d476ad5d21beZero Day Initiative Advisory 09-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed Jpen2000 image files. A field is read directly from the file and used to allocate memory for a structure. If the value read is smaller then the expected structure size then a memory corruption will occur which can be leveraged by an attacker to execute arbitrary code under the context of the current user.
c27a2dd6fbe56f47c064b981f8933bff2e419d88d6fa21be6cb9ebd0cdc16ed6Zero Day Initiative Advisory 09-028 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must either open a malicious file, or visit a malicious web page. The specific flaw exists during parsing of Clipping Region (CRGN) atom types in a Quicktime Movie file. The application trusts the contents of the atom to contain a terminator during a copy operation. The application will copy user-supplied data into a heap-buffer until it identifies this terminator. This will allow one to overwrite heap-control structures which can be leveraged to achieve code execution from the context of the application.
9ea60fb11a4c11055f4340d7a7e34f6d29c70109125454300e9506c8884b175cZero Day Initiative Advisory 09-027 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of PICT files in QuickTime.qts. While processing data for opcode 0x8201 QuickTime trusts a value contained in the file and makes an allocation accordingly. The process then enters a loop whose terminating condition is controlled. The previously allocated heap buffer can be overflowed leading to arbitrary code execution under the context of the user running QuickTime.
e5a8881356b8195f7683ff22b673f2ee53d9b6f264c177db07e55d592e090becZero Day Initiative Advisory 09-026 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a malformed .PSD image. While decoding the columns, rows and channels in the image header, the application trusts a different length for copying than used for allocating it. This results in a heap overflow and can lead to code execution under the context of the current user.
5f140f9c949aa12e84bf33600ed965a9abb6ec417ca90de7bc99cf488350d24eZero Day Initiative Advisory 09-025 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must either open a malicious file, or visit a malicious web page. The specific flaw exists during decompression of a delta-encoded chunk. The algorithm to decompress the frame trusts a line specifier when calculating where to write decompressed data. This results in a relative write using attacker supplied values which can lead to remove code execution under the context of the current user.
97c35ea1d887432caef782922ae73ca9a7eb54c8f601b304cb6e6e4cad9565e9Zero Day Initiative Advisory 09-024 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Safenet Softremote IKE VPN service. Authentication is not required to exploit this vulnerability. The specific flaw exists in the ireIke.exe service listening on UDP port 62514. The process does not adequately handle long requests resulting in a stack overflow. Exploitation can result in complete system compromise under the SYSTEM credentials.
c10784bcd8400bdec93f62053829dce5cebd0bb2f52f7f999f9db8b67f923f7ePropertyMax Pro FREE suffers from remote SQL injection and cross site scripting vulnerabilities.
a10be1a9e02c3840d69b847ff28bda2960133507ce81f50051560a77792b20c6WebCal suffers from a remote SQL injection vulnerability in webCal3_detail.asp.
6cc7932f666a4ea459ae4a9417ede4c6ea65512a376d687df9086b276675a21bBitdefender Antivirus Iran suffers from a remote SQL injection vulnerability.
bbafab8591e5a2863d90e04af9c1064947a0a459a4fc3763b370dee422f9323e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed