The Joomla Restaurant Guide component version 1.0.0 suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.
d00ec099221f493dc999b3a2f3953d7bb9c694088a81a3a26e0827e0d9be13fcWi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.
4dd51d239b2fa42d5f7a934a2fc179c42c3d1d7659fa11057f34b2cc4bd616baUbuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.
3292bde8e4e5b048589c79d2d8ad3262fbd351a7707fb46c64c98ef65a7d9b66Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.
953bbad01cb03674ab6135b70f707467ccd55dd1b8cb7257f1f49473d776792074 bytes small Win32/XP SP3 (Tr) create new file (zrl.txt) shellcode.
b18181efb4254751939c3371c6813db9adfc1999627afbbf951700281a81430452 bytes small Win32/XP SP3 (Tr) cmd.exe shellcode.
a97dcdacf92839454c7f72dd9e9f67e65e9c22ea250741dd75c4bd4213e68c7853 bytes small Win32/XP SP3 (Tr) calc.exe shellcode.
9f24dce28c28b8e8d5838b436907cecd6a08996d76e88c123afadcb9add422b7Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.
1f0bab6915c38374d04f3409e9cca75897c9d33487ecd6ea9df084d256e824caUbuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
279e9c9f571dc9eb648f55303ef86819aa3f9ac4e057095049c812b308770b96Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.
755e32b54edf09bcc945c50382e1d9793c0e29cc4fd76dbedb13e82a13390a94Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.
00143e8015eab234d038859a285d41990e8f2abf0b8a617cc23af65126cf065aMonth Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.
06e291aca17db5db59743c6b31ae519234f925b5af49376333a3f0097075b146Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.
0cf085558e72559231041b49f9c308bfb70b5a11f00884515f90cf2919070c96xt:Commerce Gambio 2008 - 2010 suffers from an ERROR based SQL injection vulnerability in reviews.php.
a4508f4f4991a110085c2b7958c4494d63ccd9cbd55d957928a0d8488fdcaff1Ubuntu Security Notice 975-2 - USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Various other issues were addressed.
d4f8fe00ff4692cdae02e6e9d2e61d82d7c87effedee8fa5741315f6628f0279MediaHuman Music Converter version 1.0.1 suffers from .wav and .mp3 denial of service vulnerabilities.
49de5f7d7f2ab9b63ac7c0a0f944ab60335f419fbb054e0cf33fa66a6a0e606dMicrosoft DRM technology suffers from Active-x related buffer overflow and denial of service vulnerabilities.
c67e4e09d51917b4d4a68cf3c3fcbc0e03bc502047d6cba23d4185432556f03fDebian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
e25b6491aff8c3f5313eb5b89eb84002884efc169a59c3cd5dd92e86cb26502dHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS) and permit unauthorized disclosure of information.
bd8b17704deb1ab7649c91532d1c94ef776dd4816a7809ba4ddc9d701b153d10Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.
bfafaebfaff6cd46b5c1fdee36d35413dda174b2f09f7738e05a56d5be3855d7Month Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.
59044f65786070ffa2cc012fdbc684d9a6add3b705bb14b9d14f2f1ccaa453a6Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.
222618d51aabdb031a7b98ec991aa0c5bd04539cebaa77f999e66cb8f96a26a7Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.
5abd8f12eb03d51ee727684ae4038c351d3b500291f64361b147f169eb74333bA-PDF All to MP3 Converter version 1.1.0 universal SEH overwrite exploit.
3f2a1e14578e7f0b16bdaf7c345ff3f4e5b23a857542542f9875c0de6d4f9e47DJ Studio Pro version 8.1.3.2.1 SEH overwrite exploit.
e954495a7ea7efc7bae3651a28925b06ca5231857084af17012e62369912cd46
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed