VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by an array indexing error in the "dirapi.dll" component when processing malformed data within the "rcsL" record, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
ebae7c8e4b3e98c31ecdf30a8b7435873c1dc320927f43e66e6c37e4eda6e5eaVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by a buffer overflow error when processing a malformed ActionScript FileReference method, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
86c6eebd998ef19a66f897c458792f0e8d3b83f1a7b9d3f16cfdd6960d84e4efThe Microsoft Chart Control is vulnerable to an information disclosure vulnerability. By sending a specific GET request to an application implementing the chart control, attackers could read arbitrary files on the system.
b6ea78a725c0fad21b5d60a1b1743538aff281317ee65f07e13bb1913c9acdcdSecunia Security Advisory - A vulnerability has been reported in Intel Active System Console and Multi-Server Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
af589888fbb6ff6a93dc3b9f926df7e9dff499dd2b76ff44d0ae914f27ba2c50Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
12b73653154e4440f29606a7965cfb5449ea98e2aa417855923ff37c112c61d0Secunia Security Advisory - A vulnerability has been reported in Radfa Sabadkharid, which can be exploited by malicious people to conduct SQL injection attacks.
4f8eaddf5b838e7281f8026c3483bf482d09d9bc73e3c5ce27a994d06c457fc3Secunia Security Advisory - Multiple vulnerabilities have been discovered in Symantec Endpoint Protection Manager, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
c22d79cbb65d987e3a7ffd72809ecd4044d10ea30f0121ab04f7686bf4bdbbdeSecunia Security Advisory - Two vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
cfcafcfaf0f5097d9084a690c1feed4cdc6d6828ddae9bc172439c6c4b00c1dbSecunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
7152ee3fb34a4ea223fa3774995cccbd0df4ea858465bc58111af0a3232e9797Secunia Security Advisory - Red Hat has issued an update for JBoss Communications Platform. This fixes a weakness, which can be exploited by malicious people to compromise a vulnerable system.
4e911829889b3c667b023c781fa2884fa74edec7dd15000d39eeae5fc604700aSecunia Security Advisory - Debian has issued an update for isc-dhcp and dhcp3. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
35988ec7c5bb470398b416b7877194b636917c3096ccf4150ea508532ba31fbeSecunia Security Advisory - A vulnerability has been reported in ffmpeg, which can be exploited by malicious people to potentially compromise an application using the library.
45370aaec2fea66488b56fc323f7caf22d94e9764a8ee758ffefaed5fedd10acSecunia Security Advisory - SUSE has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
a44738af61356563d7d72ce852e027c78281ecde666e0116c862898744f26e6bSecunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in the eShop plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
110dbf73a16d13c83b8eb7a8d33151aac452df9838bf4e779973f683e979440fSecunia Security Advisory - A vulnerability has been reported in X.Org libXfont, which can be exploited by malicious, local users to gain escalated privileges.
b22ac93f51bf950b35a3057bb027b95ec5e76bc77d8b11dc7e5a3f4a1c792b1bSecunia Security Advisory - A vulnerability has been reported in TORQUE Resource Manager, which can be exploited by malicious people to bypass certain security restrictions.
09a18adb762451157aaf7e193b7b3832b5e0f13d1ba889d3af0df1fa0e26f181Secunia Security Advisory - Red Hat has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
d65b7a0ff8e82a2c096dc8aad16d1f9f73d7742cecbf10357091d4849f12eda2Secunia Security Advisory - Fedora has issued an update for openarena. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
7ba0518513f4a5ddb27a848e12ef6104cbefa770420a8d7bcef2e50d26a1c83fThe libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data outside a destination buffer boundaries. The vulnerability affects the Chinese AVS video (CAVS) file format decoder, specially crafted CAVS files may lead to arbitrary code execution during decoding.
2fa88819712d2684e260c17f8e2578209ceca2f13e8054b71311db41b94f041diDefense Security Advisory 08.09.11 - Remote exploitation of an integer overflow vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. During the allocation of an array within a certain internal ActionScript function, a size calculation may cause an integer value to overflow. This condition may lead to the bounds of an undersized array being overflown during a memory copy operation. This can result in arbitrary code execution.
ad96594bfd0771b3e3c7af67f19881e8a68ee7601ad242799dc2d78119f54b9bAdobe RoboHelp version 9.0 suffers from a cross site scripting vulnerability. Versions 9.0.1.232 and below are affected.
030bd02ed87fa9db347042add775e5c107f9d301129ca2e5d309b31c2f06d4aaHP Security Bulletin HPSBGN02696 SSRT100590 - A potential security vulnerability has been identified with HP webOS Calendar Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript. Revision 1 of this advisory.
82f6829a0910db0807575e7297d3b628387f07b5a81882d18cd18540837b62f5Red Hat Security Advisory 2011-1144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-21, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
733230187505373dba9388c5eaf2fc3a0fa574da0be639a2fd621d05afb20b3dWhitepaper called Jugando en la red. This tutorial focuses on using Backtrack 4 RC2 to hack wireless. Written in Spanish.
49ab9a712c223e031e00ce7e89adcb97b2687ab92b432230c49afcfb1b61fb51Whitepaper called Asaltando Redes Wi-Fi. This manual explains how to crack WEP to recover a password. Written in Spanish.
cf2e1b7ec9e6852b5d0c7bd1a949d48876475ba8ad49f9dbca3206ebcb57148b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed