what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2010-12-21

Debian Security Advisory 2135-1
Posted Dec 21, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2135-1 - Joel Voss of Leviathan Security Group discovered two vulnerabilities in xpdf rendering engine, which may lead to the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2010-3702, CVE-2010-3704
SHA-256 | 08e2892b20cf323e7d84e2a17b2b6793fa3d3356402e188b531beab256a6b2ac
Citrix Access Gateway Command Injection
Posted Dec 21, 2010
Authored by George D. Gal | Site vsecurity.com

Citrix Access Gateway Command Injection Enterprise Edition up to 9.2-49.8 and Standard and Advanced Editions prior to 5.0 suffer from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2010-4566
SHA-256 | cc70050cfc786f1a1df78cc3270117077f714bea62b7947328a95fd0f7ef906a
ImpressCMS 1.2.3 Final Cross Site Scripting
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

ImpressCMS version 1.2.3 Final suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3f6769c4f60a6445f3f342cea364c1c0ebc7bff8bfbc5d31a7d383a81dbdd445
Hycus CMS 1.0.3 Local File Inclusion
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Hycus CMS version 1.0.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | cc88bafc5432aac7c85feb23b6e65b3f7e75e83db1c316d023f4bf487ad94579
Social Share 2010-06-05 SQL Injection
Posted Dec 21, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

Social Share version 2010-06-05 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 9309a9ff6f089eea2aec86a542315d5265b1887bceaf13d020baa2d88a833b30
Ziggurat CMS Cross Site Scripting / SQL Injection
Posted Dec 21, 2010
Authored by d3c0der

Ziggurat CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 6517d39d3e882ea3e91822ee9be8e06d8509a5d99add75cbc8e3b758a4fa9e0a
Hycus CMS 1.0.3 SQL Injection
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Hycus CMS version 1.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 566c93cd86f8bef30612325b1d69636520fc45fbc3145aabad98582d47fdc784
HTML-EDIT CMS 3.1.8 Cross Site Scripting / Path Disclosure / SQL Injection
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

HTML-EDIT CMS version 3.1.8 suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
SHA-256 | f45be71abd3490ee29351bd8ec819290611e3665fd0324a9dc76623e772a59d5
Habari 0.6.5 Cross Site Scripting / Path Disclosure
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Habari version 0.6.5 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 1b0095d90339378ae79534a78080f0a4f8982c7a2d0034a905a795a2e9b8925b
GetSimple CMS 2.03 Path Disclosure
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

GetSimple CMS version 2.03 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | eb69c73005d7adfa1b79363531a78a7e2a51f9cc3729dd25d1219c3fc3f7c8f7
Sybase Afaria 6.0 Cross Site Request Forgery
Posted Dec 21, 2010
Authored by Knud | Site nsense.fi

Sybase Afaria version 6.0 suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 0fdfab6c5149f5c8a24dc2ddf5111eb22b65af7ff7790df17a9f9cb42a592af4
Mitel's AWC Command Execution
Posted Dec 21, 2010
Authored by ProCheckUp, Jan Fry | Site procheckup.com

Mitel's AWC (Mitel Audio and Web Conferencing) suffers from an unauthenticated remote command execution vulnerability.

tags | exploit, remote, web
SHA-256 | d8ebd53382f1971b52183a49644b0acc8ffacacf752faf70fcaba699b9613c61
Ecava IntegraXor 3.6.4000.0 Directory Traversal
Posted Dec 21, 2010
Authored by Luigi Auriemma | Site aluigi.org

Ecava IntegraXor versions 3.6.4000.0 and below suffer from a directory traversal vulnerability.

tags | exploit
SHA-256 | 307bd3de5b07f9cc3534f5b020bae6c51c595e3537568512c5d329f78adbb0b9
Serendipity 1.5.4 Shell Upload
Posted Dec 21, 2010
Authored by ahmadbady

Serendipity version 1.5.4 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 172701797dfa579d5437b8c509e3c26dcf87e1b360b382d2cfcd8a2bef3c8f9d
Joomla XGallery 1.0 Local File Inclusion
Posted Dec 21, 2010
Authored by KelvinX

The Joomla XGallery component version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f22b06f5a2576e84f902c4e09c57cc048906c5d94e6563d4dd55a362ed9d8ca6
Apple iPhone Safari decodeURI Crash
Posted Dec 21, 2010
Authored by Pr0T3cT10n

Apple iPhone Safari decodeURI remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
systems | apple, iphone
SHA-256 | bc4130146f2131ce06626c02f3eba4f95821c02964b026ea7262cc3cb813c93a
Apple iPhone Safari decodeURIComponent Crash
Posted Dec 21, 2010
Authored by Pr0T3cT10n

Apple iPhone Safari decodeURIComponent remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
systems | apple, iphone
SHA-256 | 9fe87f9c1607655d89dfbc39b0e9597404289c6c4082f9248276f64a63195b4f
Joomla Classified SQL Injection
Posted Dec 21, 2010
Authored by R4dc0re

The Joomla Classified component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b5eb8a6951806849b5cf399cc3f9c7c6979e4022ba991b0b6e045b0398e64c34
HP Security Bulletin HPSBST02619 SSRT100281
Posted Dec 21, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02619 SSRT100281 - A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
SHA-256 | cec4c8820cf4c738a1d43e7bc0b5915f08cf54c7bc3e78182d6fc0a4ca1e7f5f
Injader CMS 2.4.4 Cross Site Scripting / SQL Injection
Posted Dec 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Injader CMS version 2.4.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0b5afef20d4440465cce5bec5686aa5ef4ddd71b3e98bcd573244fcf9ffae4c2
Winamp 5.581 Code Execution
Posted Dec 21, 2010
Authored by JODE | Site nsense.fi

Winamp version 5.581 suffers from an issue where a MIDI file format parsing vulnerability exists in the in_midi plugin and can be exploited with a specially crafted input file. The plugin suffers from an integer wrapping flaw which leads to a heap overflow. If an attacker is able to entice the user to open a malicious file, successful exploitation leads to code being executed in the context of the logged in user.

tags | advisory, overflow
advisories | CVE-2010-4370
SHA-256 | a8b8f3e3e25c067189ac39da517a2ec77d8b99282a4a9bfc5fe1ba596e26901d
Apache Insecure mod_rewrite PCRE Resource Exhaustion
Posted Dec 21, 2010
Authored by Maksymilian Arciemowicz

Apache suffers from an insecure mod_rewrite PCRE resource exhaustion vulnerability.

tags | advisory
SHA-256 | 7d492d273943f22315c2cb19f58a3dea3975e892b72a898b79db1d05e192fe87
Microsoft Office Two FlashPix Tile Data Buffer Overflows
Posted Dec 21, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a data section buffer overflow via a specially crafted image. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a stack-based buffer overflow via a specially crafted image. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2010-3952
SHA-256 | b60f45ab7b6e2a2faa176e81b2106b9d5cd588df7175ba1241a68f372b354aac
Internet Explorer CSS Recursive Import Use After Free
Posted Dec 21, 2010
Authored by jduck, WooYun, d0c_s4vage | Site metasploit.com

This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution.

tags | exploit, arbitrary, code execution
advisories | OSVDB-69796
SHA-256 | 12a12d587013ccc439d5dea27c029bf2ab86f019a399cc8e641060289dc1aa2f
Microsoft Office FlashPix Property Set Parsing Buffer Overflow
Posted Dec 21, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the FlashPix graphics filter when parsing certain property sets. This can be exploited to cause a stack-based buffer overflow via a specially crafted FlashPix image. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-3951
SHA-256 | da9db2c31643ad2ece4ad028a02978df527f30435b8d0a989495edb5b862b7cf
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close