Secunia Security Advisory - shinnai has discovered a vulnerability in Haihaisoft PDF Reader, which can be exploited by malicious people to compromise a user's system.
0d85a7371404beef99fa555b738970223f778b59bf1501531d90d5d3dbeb336bSecunia Security Advisory - A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
8ed3c6b25463725d248deceb67466c214700793d41a146a7ace6668b6a523f1dSecunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in Microsoft DirectX, which can be exploited by malicious people to cause a DoS (Denial of Service).
294ff0ce84023427ff9f193215df22f1d11b496f89bb79b601d19228d71e9058Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware vCenter Update Manager, which can be exploited by malicious people to disclose sensitive information or conduct cross-site scripting attacks.
3949c51192918efc5764a67af26329790d795c50ffe14d04ca734dc559885f89Secunia Security Advisory - A weakness and a vulnerability have been reported in NQcontent, which can be exploited by malicious people to determine valid user accounts and conduct cross-site scripting attacks.
cce58564647126dd7ec61e8a814a0acc68d888411c4cf9d8754fb190d6d4dbf9Secunia Security Advisory - Debian has issued an update for libpng. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
c4fa9933b26b79db29e61d20612a14bc448687d1ade53cda16fcfa605d65d346Secunia Security Advisory - A vulnerability has been reported in Novell Teaming, which can be exploited by malicious people to compromise a vulnerable system.
1850440c8326c3c56fd7009e4e3104d5b9dcd28494195cc92875f993d305b81cSecunia Security Advisory - A security issue has been reported in IBM FileNet Content Manager, which may lead to a bypass of certain security restrictions.
604d9c9bc4e3073fcc78cfecaeebc4f1baf1e24fe76599a56bd7e790a302a49bSecunia Security Advisory - Ubuntu has issued an update for freetype. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
d4e085583503f518c0ec39813dddb17baf8a19e4b3dc041808406caec773f77cSapGUI BI version 7100.1.400.8 heap corruption exploit that launches calc.exe.
0a2aec950e56fddda7c1b46af3772494756689d2d2fb0233a1faf4ab06f90173VMware Security Advisory - The default version of the Jetty Web server in Update Manager is version 6.1.6 for which the following relevant vulnerabilities are reported. A directory traversal vulnerability in Jetty allows for obtaining files from the system where Update Manager is installed by a remote, unauthenticated attacker. The attacker would need to be on the same network as the system where Update Manager is installed. A cross-site scripting vulnerability in Jetty allows for running JavaScript in the browser of the user who clicks a URL containing a malicious request to Update Manager. For an attack to be successful the attacker would need to lure the user into clicking the malicious URL.
71229e8375725c682b9b8bc4687d11565e6aad277b5be549585f83274690850bHarald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Mac OSX source release.
c1841f46addbb3487332a8fafa4d85b599763883d29be3fbccb82813f4be5a02Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 32bit binary release.
91a3b8d161a49b89633ec10b5c9b37bf2e3490e76fb7a1b9513d0921293671c6Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 64bit binary release.
985e34f83f0f978178f355ac36b80b0f24c7c3e928cf353bb7cf6ed93873c3b0Really Simple IM version 1.3 Beta denial of service proof of concept exploit.
529f9e9af3d7e65c19b1f6ae01cb0aae8442444dce6eb40daf258cf5ba95f89cGKrellM2 System Monitor Plugin local proof of concept exploit that spawns a shell on tcp/6666.
679a1cbd327fd993035ea613c196a669dfe405e36169f64bfe774c78a1e51358HP Quality Center suffers from multiple cross site scripting vulnerabilities.
cd2f3c541814d362a86c4bbb25e47feb75d4b1a877b10804a50d95306a296622AIX5l with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd.
ffcd4f4babc007df54a8c30b68c543ca31700ab2e57bbd47c9d45f7258140368Mandriva Linux Security Advisory 2010-137 - Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF is affected. The updated packages have been patched to correct these issues.
efd92e7d42dab7ac0d40e33efe6456624e6b0c34d5a859edf8491479d8deda99SnowFlake CMS version 1.0 Beta5.2 suffers from a remote SQL injection vulnerability.
9024bad91a10cd100e80dd0314d7ef7c708b444899ce0868fffa51ece74885feDebian Linux Security Advisory 2072-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.
d17b0e986dbcc1fbbef738ae5e58903f49fceb0dc5c82dae6a6e23be776a6dddrapidCMS version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
105eb671688b0faa0724dce67c0ff13d418ecc793007a265b52e5a7930e3f72aHero DVD buffer overflow Metasploit module exploit.
5d23ca9a0163c1c9270898e90296dd8ff1e83880dd7ffbbee1c0d2d705002069Interesting write up that goes indepth discussing the man-in-the-middle vulnerabilities associated with Microsoft ClickOnce.
4f5d70c70a326c2f6d3ceb75e4c77b5eaea08d46bfbab1003845d0a31aeaf26dThe Facebook Political Action application suffers from a remote SQL injection vulnerability that can in turn result in a full shell.
82c14ab9c9953a579378b5653467e8fbada6cb78c2bb527ce3aa13b46d034d50
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed