what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 73 RSS Feed

Files Date: 2009-08-06

Debian Linux Security Advisory 1851-1
Posted Aug 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1851-1 - It was discovered that gst-plugins-bad0.10, the GStreamer plugins from the "bad" set, is prone to an integer overflow when processing a MED file with a crafted song comment or song name.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2009-1438
SHA-256 | 4895448f52ffe68e98196ec3721ff78244663b3346b4ace337499d3dd23b3c87
Mandriva Linux Security Advisory 2009-195
Posted Aug 6, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-195 - A vulnerability has been identified and corrected in apr and apr-util. This update provides fixes for these vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2412
SHA-256 | 65a23f9e0b8882b8afe1e667bae3c05d6ad58e8e697a8011a4920ea95ebf1171
Mandriva Linux Security Advisory 2009-194
Posted Aug 6, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-194 - Vulnerabilities have been discovered in the wireshark package, which could lead to application crash via radius, infiniband and afs dissectors. This update provides a fix for those vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2560, CVE-2009-2562, CVE-2009-2563
SHA-256 | f508f94bd641d0b3de7652903bfdc8a48f392f6428bfccf2a9a070b1d5bbba6e
Fetchmail Improper SSL Certificate Verification
Posted Aug 6, 2009
Authored by Matthias Andree

Fetchmail versions 6.3.10 and below suffer from an improper SSL certificate subject verification vulnerability.

tags | advisory
advisories | CVE-2009-2666
SHA-256 | ce7096d8ac83ac8f9f069b1910a6aa91898577d3165d040410eeb7f62efaf3fc
ImTOO MPEG Encoder 3.1.53 Overflow
Posted Aug 6, 2009
Authored by optix hacker

ImTOO MPEG Encoder version 3.1.53 local buffer overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, local, proof of concept
SHA-256 | c0bea02fc4084b911fa05b99649d0a42b8d9616310907f8ebf099d9409c8be0a
Groovy Media Player 1.2.0 Overflow
Posted Aug 6, 2009
Authored by optix hacker

Groovy Media Player version 1.2.0 local buffer overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, local, proof of concept
SHA-256 | da1df7b729e312b47d0116c4f7e1c577aba1585b4fcdef5369e83477e3eed691
Mandriva Linux Security Advisory 2009-193
Posted Aug 6, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-193 - ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate. This update corrects the problem, including for older ruby versions.

tags | advisory, remote, ruby
systems | linux, mandriva
advisories | CVE-2009-0642
SHA-256 | 0669c17c9c0462df2e2d19f4671fc26124b8dab42ffd851016ebb52c686df9f9
Pico MP3 Player 1.0 Denial Of Service
Posted Aug 6, 2009
Authored by PLATEN

Pico MP3 Player version 1.0 crash exploit that creates a malicious .mp3 file.

tags | exploit, denial of service
SHA-256 | 2480581152550e9e868df764f9bbce42c35001ba070367aa30a1452af47a4b74
PHP Photo Vote 1.3F Cross Site Scripting
Posted Aug 6, 2009
Authored by Moudi

PHP Photo Vote version 1.3F suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | c99a1e29edd2c84a4f62a3c614ab2f21fcab22ffac4b299b4d3177992844bbc0
PHP Easy Shopping Cart 3.1R XSS
Posted Aug 6, 2009
Authored by Moudi

PHP Easy Shopping Cart version 3.1R suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 309417a64f248bf3908db3dece4ea6d08ba0c4b6cb96b52ecfeb154cdedc395b
AccessoriesMe PHP Affiliate Script 1.4 SQL Injection / XSS
Posted Aug 6, 2009
Authored by Moudi

AccessoriesM3 PHP Affiliate Script version 1.4 suffers from blind SQL injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | 875be93014116e1dc5ed53ce1569f7ba184df07baf355704f1b483647414fca3
LM Starmail 2.0 SQL Injection / RFI
Posted Aug 6, 2009
Authored by int_main();

LM Starmail version 2.0 suffers from remote SQL injection and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file inclusion
SHA-256 | 7cca570843e0988e35079cc1e6f38676726cd88ba4e948180aac7e00cc8b2a12
TYPO3 CMS 4.0 SQL Injection
Posted Aug 6, 2009
Authored by JxE-13, CyberNaj

TYPO3 CMS version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 92c31571d658f708864804a1ae697eb492d660a96d403bd64628cde380b3b778
Playlistmaker 1.5 Stack Overflow
Posted Aug 6, 2009
Authored by germaya_x

Playlistmaker version 1.5 local stack overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | c584207ab986f5817177ac4e5b6fba43eb94b4b4064c7912671705b9079fe2ed
PHP Script Forum Hoster Deletion / XSS
Posted Aug 6, 2009
Authored by int_main();

PHP Script Forum Hoster suffers from topic deletion and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
SHA-256 | b591c9bebd085e7b6dd622fef28283780d073d190f7d88977fef472ce4e065b5
jetAudio 7.5.3.15 Denial Of Service
Posted Aug 6, 2009
Authored by Dr_IDE

jetAudio version 7.5.3.15 local crash proof of concept exploit that creates a malicious .m3u file.

tags | exploit, denial of service, local, proof of concept
SHA-256 | 9abbadf5473b1eacec89b8a6001a675fd0abe614f80ba38299d0e1e443f621fb
FreeBSD 7.2-RELEASE SCP Kernel Denial Of Service
Posted Aug 6, 2009
Authored by Shaun Colley

FreeBSD 7.2-RELEASE SCTP local kernel denial of service exploit that causes a panic.

tags | exploit, denial of service, kernel, local
systems | freebsd
SHA-256 | 134f70fd1df5a8305a23db386308b72df604b197660b97ea45f9feb63b2e2578
A2 Media Player Pro 2.51 Buffer Overflow
Posted Aug 6, 2009
Authored by hack4love

A2 Media Player Pro 2.51 universal local buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | 832b63a4423a0e0fefc833d58b8931ff863248533d20ad1a486cd91116742880
jetAudio 7.1.9.4030 Buffer Overflow
Posted Aug 6, 2009
Authored by Dr_IDE

jetAudio version 7.1.9.4030 plus vx universal buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
SHA-256 | f431765caa2cc532e8bdc7b326d06fe2869c30bdae08f3b88e2ea6e6a9afe97f
jetAudio 7.1.9.4030 Buffer Overflow
Posted Aug 6, 2009
Authored by germaya_x

jetAudio version 7.1.9.4030 plus vx universal buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
SHA-256 | 0d680cbd9ab8adee4eab17871d4550fa96237010e411f50e1166d134577ba650
Huawei MT800 Cross Site Request Forgery
Posted Aug 6, 2009
Authored by Jerome Athias

The Huawei MT880 device suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 3fe868872064c2e25216cee4105b2a6578bb14b43e96704b0e53f9d50b06bc5e
Zero Day Initiative Advisory 09-050
Posted Aug 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-050 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the code that handles loading a custom JPEG splash screen for a WebStart application. While handling certain parts of the splash screen, javaws.exe makes an improper calculation which is later used for an allocation. Later during decompression, Java Web Start will write data into this mis-allocated buffer resulting in a heap-based buffer overflow and eventual code execution under the context of the current user.

tags | advisory, java, remote, web, overflow, arbitrary, code execution
SHA-256 | ca7d543314563c01cb76f03850630e04c3f3bbe875fb0a9b6887812d3e2a5e75
Zero Day Initiative Advisory 09-049
Posted Aug 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-049 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling Pack200 compressed JAR files. During decompression, several fields within a Pack200 header are trusted and used to calculate sizes for heap buffer allocations. By providing malicious values an attacker can create undersized heap buffers and subsequently overflow them. This can be leveraged to execute arbitrary code under the context of the user accessing the file or web page.

tags | advisory, java, remote, web, overflow, arbitrary
SHA-256 | f3895c8176efd0aaa04f4f2564053b537f655a444812a5b6864cd8dfd5164142
Zero Day Initiative Advisory 09-048
Posted Aug 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-048 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when accessing embedded style sheets within an HTML file. When modifying the properties of rules defined in the style the behavior element is improperly processed resulting in a memory corruption which can be further leveraged to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1919
SHA-256 | 0d1a75ec8135d86faf85c24c23d55a581c00a5bfe4022870af6279e5298ebb17
Zero Day Initiative Advisory 09-047
Posted Aug 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-047 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the appending of elements to an invalid object. When appending malformed elements to a empty DIV element memory corruption can occur. A properly constructed web page can result in remote code execution under the context of the current user.

tags | advisory, remote, web, arbitrary, code execution
advisories | CVE-2009-1918
SHA-256 | 540f0b527d81dd9df6fc65e182b80c4166d34d41956aa3ba42a5a85a03b932a2
Page 1 of 3
Back123Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close