
Files Date: 2011-06-08

WordPress Star Rating SQL Injection
Posted Jun 8, 2011

WordPress WP Star Rating plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | af0cf27310df76fad1d0fc948953e58f
Zero Day Initiative Advisory 11-185
Posted Jun 8, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-185 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When parsing a color profile containing an invalid 'bfd ' tag, it is possible to specify an integer that can cause an integer to wrap. This integer is then used to specify the size of a heap allocation. By providing a specially crafted tag value, an attacker can cause memory corruption that can lead to remote code being executed under the user running the browser.

tags | advisory, java, remote, arbitrary
advisories | CVE-2011-0862
MD5 | a2f6d2c79a0da9e603d5e1c0261b8879
Zero Day Initiative Advisory 11-184
Posted Jun 8, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-184 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When parsing a color profile containing an invalid 'pseq' tag, the process can be forced to overflow an integer value during an arithmetic operation. The newly calculated value is then used to allocate memory on the heap. By providing specific values, it is possible to cause a memory corruption that can lead to remote code being executed under the user running the browser.

tags | advisory, java, remote, overflow, arbitrary
advisories | CVE-2011-0862
MD5 | c89432d6d17782422993c3688c9dba6b
Zero Day Initiative Advisory 11-183
Posted Jun 8, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-183 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When parsing a color profile containing an invalid MultiLanguage 'mluc' tag, it is possible to cause an integer to wrap during an arithmetic operation. This new value is used to allocate memory on the heap. A remote attacker can abuse the faulty code to execute code under the context of the user running the browser.

tags | advisory, java, remote, arbitrary
advisories | CVE-2011-0862
MD5 | 601e85b233b6c62d5036bf074c74f3d0
Zero Day Initiative Advisory 11-182
Posted Jun 8, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JP2IEXP.dll browser plugin. The module creates a window hook when an applet is instantiated within the context of a browser. If the underlying DOM element is cloned and the parent object removed, a dangling reference can exist. When the module attempts to walk the relationship list to call the window hook, the process can be made to jump into uninitialized heap memory. This can be exploited by an attacker to execute code under the context of the user running the browser.

tags | advisory, java, remote, arbitrary
advisories | CVE-2011-0817
MD5 | be8ca1c62897c17995c15cd52d628ded
Red Hat Security Advisory 2011-0858-01
Posted Jun 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0858-01 - The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A remote attacker could provide a specially-crafted XML file, which once parsed by an application using the Apache Xerces2 Java Parser, would lead to a denial of service. Various other issues were also addressed.

tags | advisory, java, remote, denial of service
systems | linux, redhat
advisories | CVE-2009-2625
MD5 | daaf139d748661c78dd937c1e7a1660a
Red Hat Security Advisory 2011-0857-01
Posted Jun 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0857-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Integer overflow flaws were found in the way Java2D parsed JPEG images and user-supplied fonts. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted applet or application. It was found that the MediaTracker implementation created Component instances with unnecessary access privileges. A remote attacker could use this flaw to elevate their privileges by utilizing an untrusted applet or application that uses Swing. Various other issues were also addressed.

tags | advisory, java, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871
MD5 | a655c4a521f276615f7ce8b067d36676
Red Hat Security Advisory 2011-0856-01
Posted Jun 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0856-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Integer overflow flaws were found in the way Java2D parsed JPEG images and user-supplied fonts. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted applet or application. It was found that the MediaTracker implementation created Component instances with unnecessary access privileges. A remote attacker could use this flaw to elevate their privileges by utilizing an untrusted applet or application that uses Swing. Various other issues were also addressed.

tags | advisory, java, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871
MD5 | b24e3c8531118da077efbd3f5f02a2ad
Secunia Security Advisory 44852
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Prosody, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 77d6448c3c93d91f27967cccda56376a
Secunia Security Advisory 44866
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LuaExpat, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
MD5 | 681d20cd1ba1c12a79dbaedd71dc2210
Secunia Security Advisory 44811
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 0956071e65bf89a6f8bccffa2ba0b454
Secunia Security Advisory 44869
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for couchdb. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
MD5 | 5558146f5431a2a32279bef6dcf4a621
Secunia Security Advisory 44790
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for oprofile. This fixes a weakness, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, debian
MD5 | aefa614035b80cbf0a9b33422e5ed88b
Secunia Security Advisory 44757
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Black Box Veri-NAC, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | c6e20534a4b781bcf75cb157bc8f0f25
Secunia Security Advisory 44833
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Patrick Webster has reported multiple vulnerabilities in Squiz Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 6a24407bfd113a7d4a075a1a7749b1dc
Secunia Security Advisory 44862
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | dfdbd2cbcac4d4acdbc1d22bcd9e4812
Secunia Security Advisory 43756
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Russ McRee has discovered a vulnerability in Silex, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | fc3ea911c078568cd72f93d79e291ec4
Secunia Security Advisory 44759
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered multiple vulnerabilities in BLOG:CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | df114f070d209c7bcbaa42b741de9965
Secunia Security Advisory 44829
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, conduct injection attacks, bypass certain security restrictions, and potentially compromise a user's system.

tags | advisory, vulnerability
MD5 | 163c9797c4be978419857a821259f6d2
Secunia Security Advisory 44758
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
MD5 | b5ab744e15ac2af78c6215aff9aa8a16
Secunia Security Advisory 44793
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 83f3a0b92abd07a82574360830218173
Secunia Security Advisory 44836
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to conduct script-insertion attacks and bypass certain security restrictions, and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, hijack a user's session, and bypass certain security restrictions.

tags | advisory, local, vulnerability, xss
MD5 | 000da460cc6917617792f05f10db8f5d
Secunia Security Advisory 44832
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Data::FormValidator module for Perl, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions.

tags | advisory, perl
MD5 | 2cc6098837d2b7b231c8f4c8d577a04d
Secunia Security Advisory 44740
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Revelation Space has reported a security issue in NetGear ProSafe Wireless-N Access Point WNDAP350, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 6596f9fa58dae63ce9615bc92c16b748
Secunia Security Advisory 44789
Posted Jun 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks.

tags | advisory, xss, ruby
MD5 | 1f81ff4f75eebe1050a34057c2f47508