what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 48 RSS Feed

Files Date: 2010-11-12

Joomla JSupport 1.5.6 SQL Injection
Posted Nov 12, 2010
Authored by Valentin Hoebel

The Joomla JSupport component version 1.5.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4b803c5016270ee6808924d7ce0a83fc6ac436b22328d84419f6547282a8d99e
Joomla JSupport 1.5.6 Cross Site Scripting
Posted Nov 12, 2010
Authored by Valentin Hoebel

The Joomla JSupport component version 1.5.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c2779496afa3a01005f153d309b4f041b981023b3039e39e092a4f267eda0d6
Camtron CMNC-200 IP Camera Traversal / Overflow / Bypass / Denial Of Service
Posted Nov 12, 2010
Authored by Trustwave | Site trustwave.com

The Camtron CMNC-200 IP Camera suffers from buffer overflow, administrative bypass, default account and directory traversal vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2010-4230, CVE-2010-4231, CVE-2010-4232, CVE-2010-4233, CVE-2010-4244
SHA-256 | f4179a3a7b9ccf1244b48c4730ed3dbeb4940f45a22b1e54806f6011ae691979
FreeBSD Security Advisory - pseudofs Spurious Mutex Unlock
Posted Nov 12, 2010
Site security.freebsd.org

FreeBSD Security Advisory - The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.

tags | advisory
systems | freebsd
advisories | CVE-2010-4210
SHA-256 | 3a98ed40616c81e73aa4a0d079237bc71bdc7a6f8d82304312a666edb259fb21
Mandriva Linux Security Advisory 2010-231
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-231 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via a PDF file that triggers an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3703, CVE-2010-3704
SHA-256 | bda0eac3fcc6a27bd488c2139b589c44ca9949767c942af7f2231ba7fa93ed4f
Mandriva Linux Security Advisory 2010-230
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-230 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
SHA-256 | e9987008241858cdc47d939a6ed07854b592b833cbc729fda00bb009ede7dc7a
Mandriva Linux Security Advisory 2010-229
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-229 - The Gfx::getPos function in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
SHA-256 | 0284f82e91807e1c0672171f87b87c2b401535241a197f83d996bf4d95e65c31
Mandriva Linux Security Advisory 2010-228
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-228 - The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3702, CVE-2010-3704
SHA-256 | c7ea73badedcb929836bc2e5219cb5022c017b5fe4230268ae2adb6ce52c2932
Mandriva Linux Security Advisory 2010-227
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-227 - Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a SITE MKDIR, SITE UTIME command. Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a FTPS server.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3867, CVE-2010-4221
SHA-256 | a6a929924a2a4e416021de37391ae322365e7a942efcedc03f1b0a657de2be0c
iDEFENSE Security Advisory 2010-11-11.1
Posted Nov 12, 2010
Authored by iDefense Labs, Tobias Klein | Site idefense.com

iDefense Security Advisory 11.11.10 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a maliciously constructed Excel record. Specific values within this record can trigger a memory corruption vulnerability, and result in values from the file being used as function pointers. This allows an attacker to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2010-3786
SHA-256 | ff890312e47483c8b1244f6d7d408e3d962c8062c33a929494899fcca53cf69b
Power Audio Editor 7.4.3.230 Denial Of Service
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

Power Audio Editor version 7.4.3.230 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 82f61fa0c6113ddebebf3ecb45fe23b5694d852df51b3a6e6fb8b7ddd499836c
VbsEdit 4.7.2.0 Buffer Overflow
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

VbsEdit version 4.7.2.0 suffers from a buffer overflow vulnerability when parsing .vbs files.

tags | exploit, overflow
SHA-256 | dfd120575dc4b9e63f7ef4ca6ec6bf6f4492cb662e93004bd60f4e7f1562b6a2
Visual MP3 Splitter And Joiner 6.1 Buffer Overflow
Posted Nov 12, 2010
Authored by anT!-Tr0J4n

Visual MP3 Splitter and Joiner version 6.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 9f5ce66a248bc9368466b4b84c6e7bd3e594338d45a873b65bcd89142ee2296d
ASPilot Pilot Cart 7.3 SQL Injection
Posted Nov 12, 2010
Authored by Daikin

ASPilot Pilot Cart version 7.3 suffers from a remote SQL injection vulnerability in newsroom.asp.

tags | exploit, remote, sql injection, asp
SHA-256 | 25c921d96e4877a9c5613869df60ae1315e06185b08d6b2060e42c97c375e217
BACnet OPC Client Buffer Overflow
Posted Nov 12, 2010
Authored by Jeremy Brown, MC | Site metasploit.com

This Metasploit module exploits a stack overflow in SCADA Engine BACnet OPC Client v1.0.24. When the BACnet OPC Client parses a specially crafted csv file, arbitrary code may be executed.

tags | exploit, overflow, arbitrary
SHA-256 | 2c6eff3365a8cd3ef62a57d222795cb41fc95f13bba51789e6bb9bd0f996aeda
Ubuntu Security Notice 1017-1
Posted Nov 12, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1017-1 - It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. It was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. Various other issues were addressed as well.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-2008, CVE-2010-3677, CVE-2010-3678, CVE-2010-3679, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3683, CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840
SHA-256 | 12f74318d601ad71c04de02b7f2984a919b4f5c8e5d6f180e143084260daa6f4
E-Xoopport 3.1 SQL Injection
Posted Nov 12, 2010
Authored by Vis Intelligendi | Site vis-intelligendi.co.cc

E-Xoopport version 3.1 suffers from a remote SQL injection vulnerability in the eCal module.

tags | exploit, remote, sql injection
SHA-256 | c5b9bda59e9bab2823be3e32d3e3b6ba7eb16bb2e261df0e71d913e5fab29351
Secunia Security Advisory 42174
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | bc2fa89462e9f3d59a6671df7982c87262927750023f4892206e0e833f750b7d
Secunia Security Advisory 42187
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dan Rosenberg has reported a weakness in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information.

tags | advisory, kernel, local
systems | linux
SHA-256 | 28e7c8444cd75ec2810750d0bf3305c5efb44ccb2d9510319d43691c8c524469
Secunia Security Advisory 42176
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dan Rosenberg has reported some vulnerabilities in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux
SHA-256 | 5746089dd217b779da567a63664fb56a168cb54f343164a621837cfd5e69a28c
Secunia Security Advisory 42224
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

tags | advisory, local, spoof, vulnerability, xss
systems | linux, fedora
SHA-256 | b08482246851b917e6b622fb4f851647f75f06043426ae93d19cc304b4b05295
Secunia Security Advisory 42188
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LANDesk Management Gateway, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | a77dfece1fbc2c8d46e9139ddbb927ccb30354f623487a626bf324b2c528f7f9
Secunia Security Advisory 42217
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 935835595154a67760183f1ef165aa344fad7c5c20bb9da7d93531059c0837b0
Secunia Security Advisory 42161
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Pawel h0wl Wylecial has reported a vulnerability in FileCOPA, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
SHA-256 | 3564d00a1e6bd7b89a70c9b25456d6bbe10bc52e9d57abcd3c170f58d8f50605
Secunia Security Advisory 42214
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libsmi. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
SHA-256 | 3d8e5a8c487123fe386a1fef466ad7e49825f3d23de55791eeb7299991cfdbd6
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close