exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2010-10-06

Zero Day Initiative Advisory 10-193
Posted Oct 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-193 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application explicitly trusting a string's length embedded within a particular file format. The application will duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-3632
SHA-256 | 13b8e90f73d446785cc068baba1c949551ccec4ceb3454c549d4e3f198d8108e
Zero Day Initiative Advisory 10-192
Posted Oct 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing ICC streams. Within the 'desc' tag there exists an embedded 'mluc' data structure. The code within ACE performs arithmetic on the second DWORD from the mluc structure and a value from the desc structure. The resulting integer is used for an allocation of a heap-based buffer. An attacker can forge these values to force the process to under-allocate this buffer and later overflow it during a copy operation. This leads to remote code execution under the context of the user running the application.

tags | advisory, remote, web, overflow, arbitrary, code execution
advisories | CVE-2010-3622
SHA-256 | ecd9e32d6f577f1936ad4eb02c36581111f3a572888a3e928346a7aadfc57941
RSA SecurID 800 Authenticator Secret Extraction
Posted Oct 6, 2010
Site emc.com

RSA Authentication Client 2.0.x, 3.0, and 3.5.x contain a potential vulnerability that could allow the unintended extraction, by a properly authenticated user, of secret (or symmetric) key objects stored on an RSA SecurID 800 Authenticator. This potential vulnerability is corrected in RSA Authentication Client 3.5.3.

tags | advisory
advisories | CVE-2010-3321
SHA-256 | 41ebae2a8b510e2bd8181c50df475c394e772dc9ce8fcb156ecb559222b1e530
Core Security Technologies Advisory 2010.0701
Posted Oct 6, 2010
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - Adobe Acrobat Reader is prone to a use-after-free vulnerability due to an invalid usage of a released memory chunk. This vulnerability could be used by a remote attacker to execute arbitrary code, by enticing the user of Adobe Acrobat Reader to open a specially crafted file and click on PAGES thumbnails.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3627
SHA-256 | b904c5a6e5a8de97f43c56644b6a9ba52dae475e7eef0a3f2c048059d81b1e24
Joomla Basdv Local File Inclusion / Directory Traversal
Posted Oct 6, 2010
Authored by Fl0riX

The Joomla Bsadv component suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | f0a91161d93e71c8fa6368ed314fcfb84a017a4068d9a91b9ed954709e8bc003
Zero Day Initiative Advisory 10-191
Posted Oct 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing ICC streams. When processing an ICC stream, the process performs math on two DWORD values from the input file. If these values wrap over the maximum integer value of 0xFFFFFFFF a mis-allocation can occur. Later, the process uses one of the original DWORD values as a size to a copy function. This can be abused by an attacker to overflow a stack buffer and subsequently execute code under the context of the user running the process.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2010-3621
SHA-256 | 9d1255f5b4ecf288e999e01be413aba17e903c8feb3faf1f8611a6a3b99010d1
Digital Whisper Electronic Magazine #13
Posted Oct 6, 2010
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 13. Written in Hebrew.

tags | magazine
SHA-256 | b7cc976897c1fbff9b7b4eabf0431487e8385d72fbd8b357810641e70cf6b600
Ubuntu Security Notice 1001-1
Posted Oct 6, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1001-1 - The cluster logical volume manager daemon (clvmd) in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2010-2526
SHA-256 | 60ef4b53af760eed408ee330b96dade5bab28e4714a5817c765994cdd52f9f75
Joomla Club Manager SQL Injection
Posted Oct 6, 2010
Authored by Fl0riX

Joomla Club Manager component remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | f920eb2aa7f437b6fceafa52dd148d54bb4e425ad3d9623492a31e72b84f146b
Technical Cyber Security Alert 2010-279A
Posted Oct 6, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-279A - Adobe has released Security Bulletin APSB10-21, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.

tags | advisory, vulnerability
SHA-256 | 247cff6275d923983e783ca6fe3f07cc6d56411f2a628fb9373e429c1bd4c9dd
HP Data Protector Media Operations Denial Of Service
Posted Oct 6, 2010
Authored by d0lc3

HP Data Protector Media Operations NULL pointer dereference remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 841e28c2f3b05995e7611afe106f1457a4f4820f5d1fcb49ee4289049980fd6b
Mandriva Linux Security Advisory 2010-197
Posted Oct 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-197 - An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-3433
SHA-256 | 60b055a722cc4bc0545e71200d94b800b38708d3e38b1a277486b92cc61f22cb
Microsoft IIS FTP Server NLST Response Overflow
Posted Oct 6, 2010
Authored by H D Moore, Kingcope | Site metasploit.com

This Metasploit module exploits a stack buffer overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).

tags | exploit, overflow
advisories | CVE-2009-3023
SHA-256 | 03dd84b1fa133f23eef6c093613e5dc4647bab107afd312e34d65559564a1da3
HP Data Protector Manager 6.11 Denial Of Service
Posted Oct 6, 2010
Authored by Pepelux | Site enye-sec.org

HP Data Protector Manager version 6.11 NULL pointer dereference remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 0656224a4a7971dfd8da2db9267e240a02ea3b0541ef905aeba6d75aea755ad4
TomatoCart 1.0.1 Cross Site Scripting
Posted Oct 6, 2010
Authored by LiquidWorm | Site zeroscience.mk

TomatoCart version 1.0.1 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 34e741bd38e2824dc1af50ab1654419bc4ca5aa287742999e631921b7a7d5738
nSense Vulnerability Research Security Advisory NSENSE-2010-001
Posted Oct 6, 2010
Authored by Knud | Site nsense.fi

nSense Vulnerability Research Security Advisory - Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected.

tags | exploit, remote, arbitrary
advisories | CVE-2010-3631
SHA-256 | be0006662c3db8dd0bb9877ae4a9ce05a5bb18b964135f696d2609daf428de1a
Feindura File Manager 1.0 Shell Upload
Posted Oct 6, 2010
Authored by KnocKout

Feindura File Manager version 1.0 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 6446bc8ad6e73c6bfd3c9f9125f2753375617e5288fc644f3afcd7035b75102d
AlZip 7.4 DLL Hijacking
Posted Oct 6, 2010
Authored by Pepelux | Site enye-sec.org

AlZip version 7.4 DLL hijacking exploit that leverages ieframe.dll.

tags | exploit
SHA-256 | f11b489fd05b6163a033a2db6af09cd74af7a298a3fb3ea07b6c7388c2ef88f4
My Vacation Tracker DLL Hijacking
Posted Oct 6, 2010
Authored by anT!-Tr0J4n

My Vacation Tracker DLL hijacking exploit that leverages svctaglib.dll.

tags | exploit
SHA-256 | cd774d81a162c4cea916cc060cb86ae6085a8d39ec07877a1a1b1fffd390ff44
Dupehunter Professional DLL Hijacking
Posted Oct 6, 2010
Authored by anT!-Tr0J4n

Dupehunter Professional DLL hijacking exploit that leverages fwpuclnt.dll.

tags | exploit
SHA-256 | fc0c631f01578170965c5664090a0d3a1ec4cae4dce83ea001062041ff69bd44
Secunia Security Advisory 41656
Posted Oct 6, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | cc29aea1d3242e9f3595ca0a7e0db62a9d699ac7d7310219235820fcb79fe512
Secunia Security Advisory 41679
Posted Oct 6, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in BrailleNote Apex devices, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 8d71ac82ad1394c632da1fe6e2c2a9acee28e738eecd8267df2979433d2dbc5d
Secunia Security Advisory 41673
Posted Oct 6, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Foxit Phantom, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 42d067b215d5970b002bac07c6989392dc42731343704879bdde5b439a725526
Secunia Security Advisory 41691
Posted Oct 6, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in TYPO3, which can be exploited by malicious users to conduct script insertion attacks, disclose sensitive information, and perform certain actions with escalated privileges and by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | ffa8c5691773687c348c685a349950fa14e4bf2f55b0683e1edad86e03fd20c7
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close