PHP Apps Links suffers from an insecure cookie handling vulnerability.
122cea400ed7bf6f9eecccbb3dbde11b
Yes Solutions suffers from a remote SQL injection vulnerability.
2a903b9d93e0cef07ce50f2537447b93
Mojo's IWMS versions 7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
6cebd2b90abd6185eab5bb798b64760f
Technical Cyber Security Alert 2010-40A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.
9108f9e15288839d67499d2558fcb5f3
Zero Day Initiative Advisory 10-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious presentation. The specific flaw exists in the handling of TextBytesAtom records contained in a PPT file. Due to the lack of bounds checking on the size argument, an unchecked memcpy() copies user data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the context of the currently logged in user.
8978d1cd3eb0adeec15a19ab6c4a7d29
Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL, an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.
e547143a9fbe9bc36baa123f2786452e
UltraISO version 9.3.6.2750 local buffer overflow exploit.
ccfdee94e145a442e745eb9612104bb2
Secunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling file paths and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Microsoft PowerPoint 2002 is affected.
1f0f98264cce91f3f785b518aeb37784
Newsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.
34ee1c42a1d59467cc5e096993b86fb6
Newsletter Tailor suffers from remote database backup and disclosure vulnerabilities.
fa0826349b5e0ea0926dd004e0b548f1
Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.
b2f3bb40ec8fae94f4ec8e97263f9f0c
Zero Day Initiative Advisory 10-015 - This vulnerability allows attackers to execute arbitrary code on applications that utilize DirectShow for rendering video on Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must be coerced into decompressing a malicious video. The specific flaw exists within the decompression of a specific type of video stream contained in an .AVI file. The application misuses a length field for an allocation, causing the memory allocation to be too small to contain the subsequent data. During population of this buffer, the application will copy more data than was allocated, leading to memory corruption with the potential for code execution.
1912905d1232a842162862db969a5a11
43 bytes small /bin/cat /etc/passwd Linux x86 shellcode.
2799d300b0067e9a58f6249650090e2b
Whitepaper called Spoofing Technique.
65a186b0f1619645b5df80b181c70b95
LDAP injection proof of concept exploit.
ce98bee2a6d03c1531d5f1790b7b3b38
FlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.
f78e033118c2608a2ac1056e27f1c335
The Oracle E-Business Suite suffers from a cross site scripting vulnerability in the error details page.
9cb292b5286761099c52dba53e565290
ThinkPHP versions 2.0 and below suffer from cross site scripting vulnerabilities.
a3dc6ba953b837878aca58c9809fffc8
Proposals are solicited for workshops to be held in conjunction with ACM CCS 2010. Each workshop provides a forum to address a specific topic at the forefront of security research. A workshop must be one full day in length. Proceedings of all workshops will be available (on a CD) to the workshop attendees. Each workshop will also have on-line proceedings through ACM Digital Library, with a separate ISBN.
19dc59ae850bc3346f49d457bbeb11f9
Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.
8061ea5f80d65bf6656c3f5a55d50534
Aruba Networks Security Advisory - This advisory addresses the renegotiation-related vulnerability disclosed recently in the Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.
2f67860d1650ede724866d5efef4c335
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks or to cause a DoS (Denial of Service).
b20d8a34efcfb1659d45057ba638f6fa
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
b4afb434df2d333e90a34e0920a4fac1
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).
80284b123f3edfff1d4862c4e3790548
Secunia Security Advisory - A vulnerability has been reported in Microsoft Data Analyzer, which can be exploited by malicious people to compromise a user's system.
9d8f07d622632dabbd381496fa8e479f