This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.
ea2b810d8a275178be0dfc2ccca862cb1f378b8ed6266f448f49b3fcfd6fdeb8FlatPress versions 0.804 through 0.812.1 are vulnerable to a local file inclusion vulnerability that allows for remote command execution.
4dd1daafaed7571a46676a5c0128eb90a99e59d95cbf94db05bfc143a1943c38The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
0c039847d86afe125a043304d5e02d2d4b3de233c83eba9f8c616909e44f7f20IBM Installation Manager version 1.3.0 and below iim:// URI handler remote code execution exploit.
4d3ad59494e57d7bedc2cfd2ca2fcbf85ee505f8f145cd2ab76b18d1c9f6c570Multiple EMC products remote buffer overflow exploit that takes advantage of keyhelp.ocx version 1.2.312.
861211011ec04b8ec31d45c7a4403ea58f6c226627dbdec4741e684a617b6b6fOracle Document Capture BlackIce DEVMODE Active-X related remote stack-based buffer overflow exploit.
f87679f2b3d8baad72aa6db816a0125c42a2918130b43bccf764d8def1f3dd78HP LoadRunner version 9.5 Persits.XUpload.2 control (XUpload.ocx) MakeHttpRequest() remote file creation proof of concept exploit.
768a53821af4fde79d580a63870f6f429503fd30279cee4a32400f9427e0122aOracle Document Capture BlackIce DEVMODE Active-X related remote command execution exploit.
bf83d52218e9fa39a7b0bd3571b7981a25bac0078fd1ce84ec57dc0d16ffc7a2Adobe Photoshop Elements 8.0 Active File Monitor Service suffers from a bad security descriptor local elevation of privileges vulnerability.
f86b1fd7b15d1b7e7a42902dfb35784ffde8f8a5ebc4700dd28f5494a936881bWinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.
4880f2bb7f9786ba0a35c233213dc63a64301bccc3f90b77bbd582104b13228fDam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software. Dam Burst operates by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity, effectively restoring the running application to its original uncensored state.
0673f6b2281b49995b2f6ade3bc6f690015861420aff1882e86d5ffc75e31757Secunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, where one has an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.
5c7e64e3f61f81bd28c14c8a7d3d3a50e6c84d636d29a9bd2406fb4f9d9a85b1Secunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
bcd405b9cf930dd891dca271c5bde6948a78a4cbe646546f60396fbfb2199cd6Secunia Security Advisory - Some vulnerabilities have been reported in Juniper JUNOS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks.
ff336aee48286760e80863adca35d837537d0a96d522947d63390276b9b180baSecunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a vulnerable system.
4c2cfd3818a8f77b03e5722dad47fd062a6cc8a79dc67660feb996fd8fb8a3ceSecunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
413ea69c81359d8bf5dd6cd4cd1c7f6310008a92f13dceda0dd94a811a2e108eSecunia Security Advisory - Maxim A. Kulakov has reported a vulnerability in multiple TrustPort products, which can be exploited by malicious, local users to gain escalated privileges.
f695aee2239890be2826be4832470dc877300f43266831c261e9aa13c7b05735Secunia Security Advisory - A vulnerability has been reported in the FireFTP extension for Firefox, which can be exploited by malicious people to manipulate certain data.
579d2b36eeb19a245196f25975126d719c06817e86340b16c46b66271c575c8bThe E107 eCaptcha plugin suffers from a cross site scripting vulnerability.
ce9b99226830c2e16bbd2cbe66a2246d99e928fdce2ecf419bc3fe81294b059bHP Security Bulletin - A potential security vulnerability has been identified with HP Remote Graphics Software (RGS) Sender. The vulnerability could be exploited remotely to gain unauthorized access.
61aac50aed82ed61d95afc86a3635a160842974cdef3f4e95600038803bbfd87TrustPort Antivirus version 2.8.0.2265, Antivirus Business version 2.8.0.2265, PC Security version 2.0.0.1290, and PC Security Business version 2.0.0.1290 suffer from a local privilege escalation vulnerability.
a03d13ef3d07de36c52c5c404d29288885fcc3dbeddbe2d172ec9c52bed2d620Debian Security Advisory 1897-1 - Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a temporary filename on reuploads which are stored in a hidden HTML field and then trusted without prior validation. An attacker can use this to overwrite arbitrary files on the system or to upload PHP code and thus execute arbitrary code with the rights of the webserver.
74849428a088e248caf5775fc100bbbb2aa65fc2d2b0257a92f72ae1150aacd1TorNavigator is a Web browser dedicated to the TOR network, which allows people and groups to improve their privacy on the Internet by hiding their IP address through a network of virtual tunnels. TorNavigator includes a built-in Tor server and provides the ability to choose or ban countries in order to use an IP address from a specific country. The Privoxy local proxy is used for better privacy.
32674f1424b862fa79b632eb06f5ba44acc0791bf10685c9585f835e210c2c21The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
1d230a03c7e6adf1c761730bf27cee694d6658e97581c9507e993c80a1fab0ffUbuntu Security Notice USN-838-1 - It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovecot incorrectly handled ".." in script names. A remote attacker could exploit this to read and modify arbitrary sieve files on the server. This only affected Ubuntu 8.10. It was discovered that the Sieve plugin in Dovecot incorrectly handled certain sieve scripts. An authenticated user could exploit this with a crafted sieve script to cause a denial of service or possibly execute arbitrary code.
5fd61a6a6d760fcf2bd0a9d66e294c6897bc30e1df8871482b661db6a9b066a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed