PHP Apps Links suffers from an insecure cookie handling vulnerability.
92284a5de7c51f029615734d3f1cc759271141719791df4cf5e830d1c20d9e6bYes Solutions suffers from a remote SQL injection vulnerability.
fa8362ac6b7518d3a13e2040e7c0eb6ca591065b14ae08bca687fc272e75afe4Mojo's IWMS versions 7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
2ed6cdf1d5bb6b48bbbe4348df210f8fc54a7d21bc55a798774f2de197aba05fTechnical Cyber Security Alert 2010-40A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.
0d49afe2af08b5325f8b6061009d19ad3d2c3337315a2884da34bc08e8de01d9Zero Day Initiative Advisory 10-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious presentation. The specific flaw exists in the handling of TextBytesAtom records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy() copies user data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the context of the currently logged in user.
e66f5708444afbb8a61a86f354075f2e3c535010d167c5534163b79119e45335Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.
cbead906d997ee76877af1d55e446626a519eb77a9753cd8dd8b5595996a9469UltraISO version 9.3.6.2750 local buffer overflow exploit.
bd57eec4e2084ff888f186ef5a94a351746bbbfe3542359ada2785b0666a8bbeSecunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling file paths and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Microsoft Powerpoint 2002 is affected.
4ab67aead2a10a87a263653a9e1d2c62ed128edce724d1df60f7bca4e22e07dcNewsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.
05823bc3f8b1a57206d81340808b740d3fa302331ec2464459967caa1426d34aNewsletter Tailor suffers from remote database backup and disclosure vulnerabilities.
f7dc04d8896706c2cb84f60c4233f35656911bb6b59d31db01a2fbd35e2689abCore Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.
d40c00bfca38691caa302cc240a65cfb4055b89ee51b20a1b18ce6051b11c60eZero Day Initiative Advisory 10-015 - This vulnerability allows attackers to execute arbitrary code on applications that utilize DirectShow for rendering video on Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must be coerced into decompressing a malicious video. The specific flaw exists within the decompression of a specific type of video stream contained in an .AVI file. The application misuses a length field for an allocation causing the memory allocation to be too small to contain the subsequent data. During population of this buffer, the application will copy more data than allocated for leading to memory corruption with the potential for code execution.
1b5465d57ec60943e234e5d054de35549b804f4f09c061ee64c2c50e4f728fa343 bytes small /bin/cat /etc/passwd Linux x/86 shellcode.
de7500ae0726581b49c0f823c1ea34c0093776ca11b5329ed06e55f9179a1bf9Whitepaper called spoofing technique.
9cf5bb03c9b206a026568fc09c49e0e27937b42598a05896f187da1388b29970LDAP injection proof of concept exploit.
2431e5ecf0cce38a31875fd868f239dfc6e6328d965b87e14b451c25e2173acbFlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.
05adef10ce58d8f94f7f0ccf20a5cb6e9406c3968e96cd1a72af118ab81f3bf4The Oracle E-Business Suite suffers from a cross site scripting vulnerability in the error details page.
cfb0d08a1aea903cb859eb27a83251c33db45a11685d30d5bcb2dc4bcf049053ThinkPHP versions 2.0 and below suffer from cross site scripting vulnerabilities.
a7208e5112a62b9ed7872de827624e94648b6e690b6581cc22685d4380ec8629Proposals are solicited for workshops to be held in conjunction with ACM CCS 2010. Each workshop provides a forum to address a specific topic at the forefront of security research. A workshop must be one full day in length. Proceedings of all workshops will be available (on a CD) to the workshop attendees. Each workshop will also have on-line proceedings through ACM Digital Library, with a separate ISBN.
acdd601dac84be7a44fbd3f5e99f18c1b4604e06b8706e5a43a9a11824d401ccNetreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.
2d67857abdd78b103035140fd6f2853b5cd3c45fa600745b4d134a306fedd23eAruba Networks Security Advisory - This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.
22e3177636fc7aa2f310bbb771660dd68a2953ca6c2b727698e76ee120c2a131Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks or to cause a DoS (Denial of Service).
ed158b5e0d8f9b326366dc957840b691418249a25aab5730f1cdfedcb997bfa2Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
18d551acaee0a1840a30dba8a3f5dc1b983144a0a8a56d90a156be1d64064d88Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).
3cf3aa0fa33d7cbd101a0206114d61dd7c22ed4ae4c47841bc768dd2a9c45169Secunia Security Advisory - A vulnerability has been reported in Microsoft Data Analyzer, which can be exploited by malicious people to compromise a user's system.
4b3c7107a36fd881027fc459a9998ae9e8303f6dc2d81c9836d0d01831f0596d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed