what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2010-12-16

Microsoft Internet Explorer Animation Use-after-free Vulnerability
Posted Dec 16, 2010
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-3343
MD5 | d0617b26a18d7e39bad7b1ebb7e514cc
Microsoft Office Publisher "pubconv.dll" Array Indexing Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-2571
MD5 | ab867095513433250777ea25d0b790f1
Microsoft Office Publisher Record Array Indexing Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3955
MD5 | f55000df98256a1be9c34392c1af161e
Microsoft Office Publisher Size Value Heap Corruption Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-2569
MD5 | f300d7e44c0413e5f51fc35d1034333e
Microsoft Office Publisher Memory Corruption Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3954
MD5 | be1aa629d61588de1c6a0bc212de4493
Ubuntu Security Notice USN-1033-1
Posted Dec 16, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1033-1 - It was discovered that Eucalyptus did not verify password resets from the Admin UI correctly. An unauthenticated remote attacker could issue password reset requests to gain admin privileges in the Eucalyptus environment.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2010-3905
MD5 | ce808214b5f0aa0c947a82c2a7cdea17
Zero Day Initiative Advisory 10-292
Posted Dec 16, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-292 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2010-4113
MD5 | d0d0aa5d29f35352ec7df74b978c4ce7
HP Security Bulletin HPSBUX02451 SSRT090137 4
Posted Dec 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02451 SSRT090137 4 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-0696
MD5 | f25c26216a4cf9fe1dc704f1dd03f141
HP Security Bulletin HPSBUX02351 SSRT080058 6
Posted Dec 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02351 SSRT080058 6 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 6 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2008-1447
MD5 | 9a82a427bb1ddcf83d2fa81b9b4d9a13
Mandriva Linux Security Advisory 2010-256
Posted Dec 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-256 - A cross-site scripting vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2010-3906
MD5 | 77b0767a169823227ee62ad115d8545f
HP Security Bulletin HPSBMA02617 SSRT100338
Posted Dec 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02617 SSRT100338 - A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
systems | windows
advisories | CVE-2010-4114
MD5 | 426ca8641d7dba652a55b23576fd7630
HP Security Bulletin HPSBMA02545 SSRT100139
Posted Dec 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02545 SSRT100139 - A potential security vulnerability has been identified with HP Power Manager (HPPM) running on Linux and Windows. The vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
systems | linux, windows
MD5 | cfc9cf465a23061322f1958ec26b37bf
HP Security Bulletin HPSBST02620 SSRT100356
Posted Dec 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02620 SSRT100356 - A potential security vulnerability has been identified with HP StorageWorks Modular Smart Array P2000 G3. This vulnerability could be exploited to allow remote unauthorized access. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2010-4115
MD5 | 0f0d7e47e660853ca31191ac8485781e
Altarsoft Audio Converter 1.1 Buffer Overflow
Posted Dec 16, 2010
Authored by C4SS!0 G0M3S

Altarsoft Audio Converter version 1.1 SEH overwrite buffer overflow exploit.

tags | exploit, overflow
MD5 | fd12dc0da8ce8b20fbe9a0f69f181892
Internet Explorer 8 CSS Parser Exploit
Posted Dec 16, 2010
Authored by Nephi Johnson

This is a CSS parser exploit for Microsoft Internet Explorer 8.

tags | exploit
MD5 | 43ec10baee985d47c3efdcc1c483ec54
Gitweb 1.7.3.3 Cross Site Scripting
Posted Dec 16, 2010
Authored by Emanuele Gentili

Gitweb version 1.7.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e252e831773ff4f9c905cd363059ba14
Aesop GIF Creator 2.1 Buffer Overflow
Posted Dec 16, 2010
Authored by xsploited Security

Aesop GIF Creator versions 2.1 and below buffer overflow exploit that creates a malicious .aep file.

tags | exploit, overflow
MD5 | fb0f24008fca8289a84690ac3982bff6
slickMsg 0.7-alpha Cross Site Scripting
Posted Dec 16, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

slickMsg version 0.7-alpha suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cd0adb2259705bffc0f9d82081c001bf
Joomla JRadio Local File Inclusion
Posted Dec 16, 2010
Authored by Sid3 effects

The Joomla JRadio component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | c032105b2ab1cb3337b9ef533ae700dd
phpRS model-kits.php SQL Injection
Posted Dec 16, 2010
Authored by KnocKout

phpRS suffers from a remote SQL injection vulnerability in model-kits.php.

tags | exploit, remote, php, sql injection
MD5 | 97411ccb869b8a27fa861a15d1d4cbf9
eWRC.cz Portal SQL Injection
Posted Dec 16, 2010
Authored by KnocKout

eWRC.cz Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5a39547dab364c52ff30b452149dc90c
Swiss Cyber Storm 3 Call For Papers
Posted Dec 16, 2010
Site swisscyberstorm.com

The Call for Papers for the third Swiss Cyber Storm Security Conference in Switzerland is now open where the eminent figures in the international security industry will get together and share best practices and technology. The conference will be held at the University of Applied Sciences in Rapperswil lakeside of Lake Zurich on May 12th through the 15th, 2011.

tags | paper, conference
MD5 | d468d90323bab6fdbe60130e0fbbecd5
Joomla Lyftenbloggie Cross Site Scripting
Posted Dec 16, 2010
Authored by Ashiyane Digital Security Team

The Joomla Lyftenbloggie component suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 21c7de8521c7d04f7f8873308dcb7216
QualDev eCommerce SQL Injection
Posted Dec 16, 2010
Authored by ErrNick

The QualDev eCommerce script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b36e292526e402c3446898efe4bc16b9
PHP Universal Web Messenger Cross-Domain Redirect
Posted Dec 16, 2010
Authored by ProCheckUp, Jan Fry | Site procheckup.com

PHP Universal Web Messenger suffers from a cross-domain redirect vulnerability.

tags | exploit, web, php
MD5 | d609a11a45bb52facd4946e95804bd02
Page 1 of 2
Back12Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close