S-CMS versions 2.0 Beta3 and below suffer from multiple local file inclusion vulnerabilities.
4969b9cff3ba4eed139bd55ef52527be04fd89b448a0bc9c9766b207c078bc84Ubuntu Security Notice USN-785-1 - It was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages. A remote attacker could send specially crafted packets to the server and exhaust available memory, leading to a denial of service.
208e147ce29e65f7d8f96691927f0fe32948bb42223fd69447cd79efea688f99HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running SNMP and MIB. The vulnerability could be exploited remotely to execute arbitrary code or to create a Denial of Service (DoS).
adbe17937a74e321a838c48aab551631bfb8a84d025587aae81221952cb427a1Apple Safari versions prior to 4 may permit an evil web page to steal files from the local system by mounting an XXE attack against the parsing of the XSL XML.
e9629230c391f216896d6065eb1e80b55c3825799e35430b12dbef7a474701b8Zero Day Initiative Advisory 09-034 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the garbage collection of JavaScript set elements in WebCore. When an SVG set object is appended to an SVG marker element that is dereferenced, calls to the targetElement attribute will fail to reference count the marker element. When the set element is appended to another object, subsequent calls to the targetElement attribute will result in a heap corruption which can be leveraged to execute arbitrary code under the context of the current user.
cf8604ce72d5c9bd4c727ff12fc63e69f99f8bff0eb3dc75009bbb2e8b48db76Zero Day Initiative Advisory 09-033 - This vulnerability allows attackers to execute arbitrary code on vulnerable software utilizing the Apple WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when the document.body element contains a specific XML container containing various elements supporting the 'dir' attribute. During the destruction of this element, if the rendering object responsible for the element is being removed, the application will then make a call to a method for an object that doesn't exist which can lead to code execution under the context of the current user.
6e80b5824ae34097d5c28a72f0440e425c552a71e38a28f6b15dbd85405346f4Zero Day Initiative Advisory 09-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of attr() functions in a CSS content object. When a large numerical value is passed as the argument to the attr() function, a memory corruption will occur which can be leveraged to execute arbitrary coder under the context of the current user.
3406b151f54e4e829c0123b2413427f1c5cbe6bc5c6796e106f73a28b01c6c9eZero Day Initiative Advisory 09-031 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging applications that make use of the libpurple library. User interaction is not required to exploit this vulnerability. The specific flaw exists in the implementation of the MSN protocol, specifically the handling of SLP messages. The function msn_slplink_process_msg() fails to properly validate an offset value specified in the SLP packet. By providing a specific value, an attacker can overflow a heap buffer resulting in arbitrary code execution.
286f5573fcf8c6351e406eab363184ebc1f7e8a3742b6d01a9ca6c90a0e3992dWhen using a RequestDispatcher obtained from the Request in Apache Tomcat, the target path was normalized before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected by a security constraint or by locating it in under the WEB-INF directory. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.
c0a0a2a9804149cddfa6d775c7f68367d06311ea65f71bbd9aad52799158a793This is a utility to generate portbinding shellcode payload for Windows XP/SP1.
bf0f481e32cb257a862904bc89cf4a124df303ab40cc597e1410ca33a91a327bThis is a utility to generate portbinding shellcode payload for Linux/x86.
6c2fc2e2b424d795c8196a3aa502fcb488595071f7752a8e8da3bcb311373a1cThe Joomla Akobook component version 2.3 suffers from a remote SQL injection vulnerability.
d8809fb50ce5c5880bad0069971393eb3e77b949f9b0ae1957feecad59477858The Joomla Media Library component version 1.5.3 suffers from a remote file inclusion vulnerability.
c4639003c79b29970b9a28af1f88540ea0be51c61f65410069b6b23fb79a7fd6The Joomla BookLibrary component version 1.5.2.4 suffers from a remote file inclusion vulnerability.
04c4367d1180c9b08d4ee3c368cb234c53cdc21efa25ee1a14bd406d42ea7027Secunia Security Advisory - A vulnerability has been reported in Online Armor Personal Firewall and Online Armor Personal Firewall AV+, which can be exploited by malicious, local users to gain escalated privileges.
025e45e3bc9fb89e52e97d5d634f12808cf23fd830875dcb606091399382cd25
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed