Showing 1 - 25 of 39

Files Date: 2010-12-20

Microsoft Office TIFF Image Converter Two Buffer Overflows
Posted Dec 20, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2010-3947
MD5 | c936a3c75f287646d175d3e6d8984e12
Microsoft Office Document Imaging Endian Conversion
Posted Dec 20, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by missing input validation within a library used by the bundled Microsoft Office Document Imaging application when converting certain data during parsing of TIFF images. This can be exploited to corrupt memory via a TIFF image containing specially crafted IFD entries. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3950
MD5 | 534087e2724e5e7c79ecc962f1d30834
Microsoft Office TIFF Image Converter Endian Conversion
Posted Dec 20, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianness of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).

tags | advisory, arbitrary
advisories | CVE-2010-3949
MD5 | 780b6c26e88ea2de275ecb5b134156ed
Social Share 2010-06-05 SQL Injection
Posted Dec 20, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

Social Share version 2010-06-05 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0f052c3b77e50957e6928a5ea1383272
Microsoft Office PICT Filter Integer Truncation
Posted Dec 20, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer truncation error in the PICT import filter (PICTIM32.FLT). This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into importing a specially crafted PICT file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-3946
MD5 | 7bf731352df24835ba84f550c422ab29
Freenas 0.7.2.5543 Cross Site Scripting
Posted Dec 20, 2010
Authored by dave b

Freenas version 0.7.2.5543 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f4d184c2dc2bad34444e9b196e6ea6a9
RealPlayer "cook" Arbitrary Free
Posted Dec 20, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the handling of errors encountered while decoding "cook" encoded audio content. This can be exploited to trigger the use of uninitialised memory and potentially free an arbitrary address. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-2579
MD5 | bf9a8aae6481396d3102aaf6c125b20c
RealPlayer AAC Spectral Data Parsing
Posted Dec 20, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the parsing of AAC audio content and can be exploited to corrupt memory via specially crafted spectral data. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-0125
MD5 | 0aa1f6e0445e5f5ec810383ec2c8a82f
PlxWebDev Plx AD Trader SQL Injection
Posted Dec 20, 2010
Authored by R4dc0re

PlxWebDev Plx AD Trader suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 94c69f0b6ba1299725828b925827d4cd
PHP Web Scripts Ad Manager Pro 3 SQL Injection
Posted Dec 20, 2010
Authored by R4dc0re

PHP Web Scripts Ad Manager Pro version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, php, sql injection
MD5 | 6148eb9abb84cd9350dbfd4e5744f3bd
MyBB 1.6 Cross Site Scripting
Posted Dec 20, 2010
Authored by Aung Khant | Site yehg.net

MyBB versions 1.6 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 2f9623a48e184f7fae2491f521342d25
Elcom CommunityManager.NET Authentication Bypass
Posted Dec 20, 2010
Site senseofsecurity.com.au

Elcom CommunityManager.NET suffers from an authentication bypass vulnerability. Proof of concept code is included. Version 6.7 is vulnerable.

tags | exploit, proof of concept, bypass
MD5 | 3ebe42d6583cc4d751f8ef019fe06ef5
The Joomla Hacking Compendium
Posted Dec 20, 2010
Authored by Valentin Hoebel

Whitepaper called The Joomla Hacking Compendium. This document should provide you with security-related information about Joomla and the extensions which are available for it. This paper focuses on how to hack Joomla installations and how to protect them.

tags | paper
MD5 | 8abebf1b297ee5676b85a46aab72d70c
Vacation Rental Script 4.0 Shell Upload
Posted Dec 20, 2010
Authored by Br0ly

Vacation Rental Script versions 4.0 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 915fa36d5903a61aafaf7dcadc5ea10b
RealPlayer "cook" Uninitialised Memory
Posted Dec 20, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error when parsing RealAudio content encoded using the "cook" codec. This can be exploited to trigger the use of uninitialised memory and potentially corrupt memory via e.g. a specially crafted RealMedia file.

tags | advisory
advisories | CVE-2010-0121
MD5 | b0014920356215921be540f29e5a83c7
SAP Crystal Reports Print ActiveX Control Buffer Overflow
Posted Dec 20, 2010
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in SAP Crystal Reports, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control (PrintControl.dll) when processing the "ServerResourceVersion" property and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation allows execution of arbitrary code. Affected is Crystal Reports 2008 SP3 Fix Pack 3.2 Print ActiveX (12.3.2.753).

tags | advisory, overflow, arbitrary, activex
advisories | CVE-2010-2590
MD5 | c2b2dabc43977438dc7a03510f11c28f
TOR Virtual Network Tunneling Tool 0.2.1.28
Posted Dec 20, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release does some code cleanup to reduce the risk of remotely exploitable bugs. The Common Vulnerabilities and Exposures project has assigned CVE-2010-1676 to this issue.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2010-1676
MD5 | 11e8384414623b50fe50ba7da85893db
Joomla Jotloader 2.2.1 Local File Inclusion
Posted Dec 20, 2010
Authored by v3n0m

The Joomla Jotloader component version 2.2.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | f444f77f1a086178d884f4c0fae26c47
MaticMarket 2.02 Local File Inclusion
Posted Dec 20, 2010
Authored by xer0x

MaticMarket version 2.02 for PHP Nuke suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
MD5 | 85d1e3bd7725ed139480f3b5e8805288
Inout Webmail Cross Site Scripting
Posted Dec 20, 2010
Authored by Sid3 effects

Inout Webmail suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 068c988b7e5da1150720e7a90e4edc56
Mandriva Linux Security Advisory 2010-258
Posted Dec 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-258 - Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets rules. The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. Various other vulnerabilities have been addressed in Mozilla Thunderbird.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, windows, mandriva
advisories | CVE-2010-3768, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777, CVE-2010-3778
MD5 | 1012c08e3f3d4527e2cf8ace65125955
REstate Real Estate Script Cross Site Scripting
Posted Dec 20, 2010
Authored by Sid3 effects

REstate Real Estate script suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 067f01bca2ef102c565e288be80b4491
Linux 2.6 Kernel ACPI custom_method Privilege Escalation
Posted Dec 20, 2010
Authored by Jon Oberheide

Local root privilege escalation exploit for ACPI custom_method in Linux kernel versions prior to 2.6.37-rc2.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2010-4347
MD5 | a41939e57f2a957032e77705b515d89f
Word Splash Pro 9.5 Buffer Overflow
Posted Dec 20, 2010
Authored by h1ch4m

Local buffer overflow exploit for Word Splash Pro versions 9.5 and below.

tags | exploit, overflow, local
MD5 | f9306f31e15b5990266513fb2587ea6e
MP3 CD Converter Professional Buffer Overflow
Posted Dec 20, 2010
Authored by C4SS!0 G0M3S

Buffer overflow exploit for MP3 CD Converter Professional version 5.0.3.

tags | exploit, overflow
MD5 | 7374b86bd52c68164363b88ddf2c9bb1
© 2019 Packet Storm. All rights reserved.