Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
9dba3d0d50ecb04d6b0e88ad279009be8dcf8e519a8e80f0bd5acd274e688272Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by missing input validation within a library used by the bundled Microsoft Office Document Imaging application when converting certain data during parsing of TIFF images. This can be exploited to corrupt memory via a TIFF image containing specially crafted IFD entries. Successful exploitation may allow execution of arbitrary code.
623e21468d54f2db461001bc0b8983f1dc7a59785a4ad47663b3d0349af2f8ceSecunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
28a0cbd4c91dc6908098a5bb540ee31c831d78a7df3e6e91cc796712c465d9faSocial Share version 2010-06-05 suffers from a remote SQL injection vulnerability.
37b624a69b8ebcdf131458a9b529e881fdc8408efdacc819e67a32ae82787f2eSecunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer truncation error in the PICT import filter (PICTIM32.FLT). This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into importing a specially crafted PICT file. Successful exploitation may allow execution of arbitrary code.
3d48dcf13f13e7c0894cc02b34b824a7414ad66514cf0dc9789b003d837a5be5Freenas version 0.7.2.5543 suffers from a cross site scripting vulnerability.
6024eb8d221d86e774861cb5888403ed5bb52c9ce554fa401344f8e854acd59cSecunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in the handling of errors encountered while decoding "cook" encoded audio content. This can be exploited to trigger the use of uninitialised memory and potentially free an arbitrary address. Successful exploitation may allow execution of arbitrary code.
8ce3f987a47149f84b0f20dda276ecafb1deb4f3712048d4fa372fdc4fe9f31cSecunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the parsing of AAC audio content and can be exploited to corrupt memory via specially crafted spectral data. Successful exploitation may allow execution of arbitrary code.
e1d707d2fdf5b309bfa5099effc7b3f06ec130515db11e823db3c81a62298aafPlxWebDev Plx AD Trader suffers from a remote SQL injection vulnerability that allows for authentication bypass.
76994603b541cb9e8ad5355cac8f47334bc60809b3e4fbd45df45482c327270dPHP Web Scripts Ad Manager Pro version 3 suffers from a remote SQL injection vulnerability.
317ae38732a6af1ceb81c85b0d31140cfc185bb4cbb40e6e91957a1400cae62fMyBB versions 1.6 and below suffers from multiple cross site scripting vulnerabilities.
564614cfc6a659dbed739106c7897dfd62579a2869a6d127aa4fc6e6893205d0Elcom CommunityManager.NET suffers from an authentication bypass vulnerability. Proof of concept code is included. Version 6.7 is vulnerable.
7acb1f10e416f67bc4734d295a385802936a471c97a267dd98e74911fcfd8dbcWhitepaper called The Joomla Hacking Compendium. This document should provide you with security related information about Joomla and the extensions which are available for it. This paper focuses on how to hack Joomla installations and how to protect them.
467489c738a22376e6abfc1c7ea3f4678310dbccccce20aa044f48669be1df77Vacation Rental Script versions 4.0 and below suffer from a remote shell upload vulnerability.
4d0bce716bd5b3de425fa3db8640d1168f18f6942dce6566c760f8acbaf0059dSecunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error when parsing RealAudio content encoded using the "cook" codec. This can be exploited to trigger the use of uninitialised memory and potentially corrupt memory via e.g. a specially crafted RealMedia file.
2434eaef6b000eb04efc5bf512381ecffb8c1a973ccfb2c8544b94986d6df588Secunia Research has discovered a vulnerability in SAP Crystal Reports, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control (PrintControl.dll) when processing the "ServerResourceVersion" property and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation allows execution of arbitrary code. Affected is Crystal Reports 2008 SP3 Fix Pack 3.2 Print ActiveX (12.3.2.753).
d28710dbbdb6a4e04bbf0b31230732e1f2ccbb1c884c4ad65e99fc484a3db74dTor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
fe9756bee3228bf01334f743b7c74dd1edc83e5489f032737ce24eb6bdb19cbfThe Joomla Jotloader component version 2.2.1 suffers from a local file inclusion vulnerability.
21c4d007b7cd6cd43f1c5c1dbc08d499d85aa7f5700e963d4c53d2048fcb1b70MaticMarket version 2.02 for PHP Nuke suffers from a local file inclusion vulnerability.
ffcb785ed6463a219582688ec2e05992bdfd9d8b261b4b60855f9c567405504aInout Webmail suffers from a cross site scripting vulnerability.
19a7e22bb4f491ab13aba02b11265fa8009a4e3818e5d6b199ce87ab5bb1a810Mandriva Linux Security Advisory 2010-258 - Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets rules. The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. Various other vulnerabilities have been addressed in Mozilla Thunderbird.
8303cb81da50d3bd26721e1af3fad9224a8a40b7e910276b23d32824b24e111dREstate Real Estate script suffers from a persistent cross site scripting vulnerability.
648eb1c8edfe3a9b64ea3c66c4db55ff3567aaabd472184f0e0c739f4f418675Linux kernel versions prior to 2.6.37-rc2 ACPI custom_method local root privilege escalation exploit.
8e96652e9d0319db605344763c66b55b3366e06bdb9f068aa4c881ffd48bd76fWord Splash Pro versions 9.5 and below local buffer overflow exploit.
5ffcbcad8fc30b44e94b571c1529d9ac9720ac37e56b839154e7777838dfe66dMP3 CD Converter Professional version 5.0.3 buffer overflow exploit.
65f01e67dc8d7d9832b9cc02f2ce622f659424cab473c0b33daac7952ed0f269
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed