what you don't know can hurt you
Showing 1 - 25 of 48 RSS Feed

Files Date: 2010-11-12

Joomla JSupport 1.5.6 SQL Injection
Posted Nov 12, 2010
Authored by Valentin Hoebel

The Joomla JSupport component version 1.5.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dabc1685a10b20c6638b6ea02558208e
Joomla JSupport 1.5.6 Cross Site Scripting
Posted Nov 12, 2010
Authored by Valentin Hoebel

The Joomla JSupport component version 1.5.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 21fd0db776f66d701306a4951ab1d329
Camtron CMNC-200 IP Camera Traversal / Overflow / Bypass / Denial Of Service
Posted Nov 12, 2010
Authored by Trustwave | Site trustwave.com

The Camtron CMNC-200 IP Camera suffers from buffer overflow, administrative bypass, default account and directory traversal vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2010-4230, CVE-2010-4231, CVE-2010-4232, CVE-2010-4233, CVE-2010-4244
MD5 | 5209880422ad4b55c160dffe406e41fe
FreeBSD Security Advisory - pseudofs Spurious Mutex Unlock
Posted Nov 12, 2010
Site security.freebsd.org

FreeBSD Security Advisory - The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.

tags | advisory
systems | freebsd
advisories | CVE-2010-4210
MD5 | 0d8e2f41e7b9667037d0fb7f96fa86c6
Mandriva Linux Security Advisory 2010-231
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-231 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via a PDF file that triggers an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3703, CVE-2010-3704
MD5 | 172505f6e430eff48aa714d4e9ce4489
Mandriva Linux Security Advisory 2010-230
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-230 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
MD5 | 690dc4f110991ddc7f053412c7aa687e
Mandriva Linux Security Advisory 2010-229
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-229 - The Gfx::getPos function in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
MD5 | 96a2b8c4f4d92b998cb6d386e89bf0c7
Mandriva Linux Security Advisory 2010-228
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-228 - The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
MD5 | 67b259e14c890f89af3b21245ea1faa9
Mandriva Linux Security Advisory 2010-227
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-227 - Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a SITE MKDIR, SITE UTIME command. Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a FTPS server.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3867, CVE-2010-4221
MD5 | 1da59be56594ffeab73774ef84f6b6eb
iDEFENSE Security Advisory 2010-11-11.1
Posted Nov 12, 2010
Authored by iDefense Labs, Tobias Klein | Site idefense.com

iDefense Security Advisory 11.11.10 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a maliciously constructed Excel record. Specific values within this record can trigger a memory corruption vulnerability, and result in values from the file being used as function pointers. This allows an attacker to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2010-3786
MD5 | b915b7843dfde8af1661dd02354de92c
Power Audio Editor 7.4.3.230 Denial Of Service
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

Power Audio Editor version 7.4.3.230 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 632845cbb0afe3db17589d0e775b1ba3
VbsEdit 4.7.2.0 Buffer Overflow
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

VbsEdit version 4.7.2.0 suffers from a buffer overflow vulnerability when parsing .vbs files.

tags | exploit, overflow
MD5 | e03f4169a564d2b9d8f9c7df81d49a5d
Visual MP3 Splitter And Joiner 6.1 Buffer Overflow
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

Visual MP3 Splitter and Joiner version 6.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | b34172ee349c92eadf6d9b7b0c2e9087
ASPilot Pilot Cart 7.3 SQL Injection
Posted Nov 12, 2010
Authored by Daikin

ASPilot Pilot Cart version 7.3 suffers from a remote SQL injection vulnerability in newsroom.asp.

tags | exploit, remote, sql injection, asp
MD5 | 7003babc695d0be8dc47bd1eddb642d3
BACnet OPC Client Buffer Overflow
Posted Nov 12, 2010
Authored by Jeremy Brown, MC | Site metasploit.com

This Metasploit module exploits a stack overflow in SCADA Engine BACnet OPC Client v1.0.24. When the BACnet OPC Client parses a specially crafted csv file, arbitrary code may be executed.

tags | exploit, overflow, arbitrary
MD5 | b87f5e14b3836d5dcf19eed00a2a2d23
Ubuntu Security Notice 1017-1
Posted Nov 12, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1017-1 - It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. It was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. Various other issues were addressed as well.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-2008, CVE-2010-3677, CVE-2010-3678, CVE-2010-3679, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3683, CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840
MD5 | 3507d71ffb1008bb9aba1aed43aada1f
E-Xoopport 3.1 SQL Injection
Posted Nov 12, 2010
Authored by Vis Intelligendi | Site vis-intelligendi.co.cc

E-Xoopport version 3.1 suffers from a remote SQL injection vulnerability in the eCal module.

tags | exploit, remote, sql injection
MD5 | ba3acd91a9fd9384dfd9213209b1cfef
Secunia Security Advisory 42174
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 67329584876e067d68f2e568e861488e
Secunia Security Advisory 42187
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dan Rosenberg has reported a weakness in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information.

tags | advisory, kernel, local
systems | linux
MD5 | e979ed06814e06ea0e0d5577ce315e55
Secunia Security Advisory 42176
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dan Rosenberg has reported some vulnerabilities in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux
MD5 | 75adf2d3e28b1e049a7917a37c691228
Secunia Security Advisory 42224
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

tags | advisory, local, spoof, vulnerability, xss
systems | linux, fedora
MD5 | 742d202029bc30372b7b40c7dc800d5a
Secunia Security Advisory 42188
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LANDesk Management Gateway, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 44ca0eefddb95a726d732a8ed7eb7b95
Secunia Security Advisory 42217
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | 4ea517213e2e2e8fa735a763f7bbeb29
Secunia Security Advisory 42161
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Pawel h0wl Wylecial has reported a vulnerability in FileCOPA, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
MD5 | d1bc45f8e134325de9e7b827dda66a59
Secunia Security Advisory 42214
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libsmi. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
MD5 | ea94054283d5db5921b11a816fcd5898
Page 1 of 2
Back12Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close