what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2010-11-11

Metinfo 3.0 Cross Site Scripting / File Disclosure
Posted Nov 11, 2010
Authored by anT!-Tr0J4n

Metinfo version 3.0 suffers from cross site scripting and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 70ee480991075fea7f6c6bc35f4db189
Atarim CMS SQL Injection
Posted Nov 11, 2010
Authored by Cru3l.b0y

Atarim CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1a8840f48dda9427818b77fc14f22566
XT:Commerce Cross Site Scripting
Posted Nov 11, 2010
Authored by Philipp Niedziela

XT:Commerce versions prior to 3.04 SP2.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c466756eda55cc8386a99f02837c9891
Apple Directory Services Memory Corruption
Posted Nov 11, 2010
Authored by Rodrigo Rubira Branco

Apple Directory Services suffers from a memory corruption vulnerability.

tags | advisory
systems | apple
advisories | CVE-2010-1840
MD5 | 9f94bf7c9adbbaf642667f098ec4143c
MP3-Nator 2.0 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

MP3-Nator version 2.0 buffer overflow exploit that uses SEH.

tags | exploit, overflow
MD5 | 10daed1f9e6c1777aa53b758b58f37fe
QuickTime Sorenson Video 3 Array-Indexing
Posted Nov 11, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an array-indexing error when parsing Sorenson Video 3 content and can be exploited to corrupt memory during decompression via a specially crafted file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3793
MD5 | 19e4a12ee66721e2d22ea536d5b490aa
Core Security Technologies Advisory 2010.1018
Posted Nov 11, 2010
Authored by Core Security Technologies, Aureliano Calvo | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: The Landesk web application does not sufficiently verify if a well-formed request was provided by the user who submitted the request. Using this information an external remote attacker can run arbitrary code using the 'gsbadmin' user (that is the user running the web-server). In order to be able to successfully make the attack, the administrator must be logged in to the appliance with the browser that the attacker uses to make the attack (for instance, exploiting a XSS in a different tab in the browser).

tags | exploit, remote, web, arbitrary
advisories | CVE-2010-2892
MD5 | 2412d34e2de095ab25c8443ce011e238
Mandriva Linux Security Advisory 2010-226
Posted Nov 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-226 - ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field. The updated packages have been upgraded to 4.1.2 which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-3611
MD5 | 4512907188d625ace855cef76259c7df
eBlog 1.7 SQL Injection
Posted Nov 11, 2010
Authored by Salvatore Fresta

eBlog version 1.7 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 1d14603f3adb86f550ba282a86c9aa7e
Ubuntu Security Notice 1016-1
Posted Nov 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1016-1 - Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-4008
MD5 | 1dc8c79807f341f5c42fdc66b212d4e6
Ubuntu Security Notice 1015-1
Posted Nov 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1015-1 - Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-4203
MD5 | 1f1d608807db1f3a143d5b4a398a18b5
vBulletin Downloads FileInfo SQL Injection
Posted Nov 11, 2010
Authored by jos_ali_joe

vBulletin Downloads FileInfo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ca8dbc907c0bf97984fcc41aa25a41d5
Babylon Cross-Application Scripting Code Execution
Posted Nov 11, 2010
Authored by Yair Amit, Roee Hay

The Babylon online dictionary and translation software fails to sanitize user input before rendering it on the Trident control, effectively leading to a cross-application scripting vulnerability. The Trident control runs in Local Machine Zone (LMZ) which is not Locked down and due to this the vulnerability can allow for code execution.

tags | advisory, local, code execution
MD5 | 95d9c792fd52924420472ade3d4115d4
Ganesha Digital Library 4.2 SQL Injection
Posted Nov 11, 2010
Authored by Arianom

Ganesha Digital Library version 4.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5fb141e185078cfaa25ac81654409e66
ACROS Security Problem Report 2010-11-10.2
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-02 - A binary planting vulnerability in Microsoft Word 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
MD5 | dfb3198d601aab3c583bf2f46b120716
ACROS Security Problem Report 2010-11-10.3
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-03 - A binary planting vulnerability in Microsoft Excel 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
MD5 | ae0fa2362c6d74f756165de7a5ed2966
ACROS Security Problem Report 2010-11-10.1
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-01 - A binary planting vulnerability in Microsoft PowerPoint 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
MD5 | 8a2078dc594374b3546051f06332d9c7
Mandriva Linux Security Advisory 2010-225
Posted Nov 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-225 - A vulnerability was discovered and corrected in libmbfl (php). The updated packages have been patched to correct these issues. The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream patch.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2010-4156
MD5 | 6b8ad09d49f15b810745d8c961b6938e
GNU SIP Witch Telephony Server 0.9.2
Posted Nov 11, 2010
Authored by David Sugar | Site gnutelephony.org

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

Changes: Fixes were made for issues related to TLS SIP support, publishing of contact information in registration replies, and clean shutdown on server failure.
tags | telephony
MD5 | 965746888e574ca98acd9dfb05031bf8
Qtweb Browser 3.5 Buffer Overflow
Posted Nov 11, 2010
Authored by PoisonCode

Qtweb Browser version 3.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 77420e3bc37443478262c12b7f39aa05
Ricoh Aficio Web Image Monitor 2.03 Cross Site Scripting
Posted Nov 11, 2010
Authored by The Light Cosine

Ricoh Aficio Web Image Monitor version 2.03 suffers from cross site scripting and redirection vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 9f22d4281b66cb94edc1759383094408
FCKeditor 2.4.3 Arbitrary File Upload
Posted Nov 11, 2010
Authored by grabz

FCKeditor versions 2.4.3 and below suffer from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | fb27211d96f65ffec13d50b48726f1e9
Free CD To MP3 Converter 3.1 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

Free CD to MP3 Converter version 3.1 buffer overflow exploit leveraging SEH.

tags | exploit, overflow
MD5 | 026e8be48529e4fa336511e5a7c78e79
Free CD To MP3 Converter 3.1 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

Free CD to MP3 Converter version 3.1 buffer overflow exploit.

tags | exploit, overflow
MD5 | e93263396edd6fed565d45daa370b022
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close