
Files Date: 2011-08-13

Apache Tomcat 7.0.0 Through 7.0.16 Information Disclosure
Posted Aug 13, 2011
Authored by Mark Thomas | Site tomcat.apache.org

The re-factoring of XML validation for Tomcat 7.0.x re-introduced the vulnerability previously reported as CVE-2009-0783. This was initially reported as a memory leak. If a web application is the first web application loaded, this bug allows that web application to potentially view and/or alter the web.xml, context.xml and tld files of other web applications deployed on the Tomcat instance.

tags | advisory, web, memory leak
advisories | CVE-2011-2481
MD5 | fffc75ef02341bc27a0d78a4480c077e
Zero Day Initiative Advisory 11-253
Posted Aug 13, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-253 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2138
MD5 | 598faab01fb99c38b111b111d7057801
Zero Day Initiative Advisory 11-252
Posted Aug 13, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-252 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the PnSize PICT opcode. It converts an unsigned 16 bit value into a signed 32 bit value. This value is later used as the size parameter for a memory copy function that copies from the file onto the stack. This results in a stack based buffer overflow that allows for remote code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2011-0257
MD5 | b1b11ef2403fe7f57538a0383a6d1b2f
Debian Security Advisory 2293-1
Posted Aug 13, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2293-1 - Tomas Hoger found a buffer overflow in the X.Org libXfont library, which may allow for a local privilege escalation through crafted font files.

tags | advisory, overflow, local
systems | linux, debian
advisories | CVE-2011-2895
MD5 | e253916d4b8e2a73d65316c577e8fa03
Al-Jazeera SQL Injection
Posted Aug 13, 2011
Authored by Skote Vahshat

Al-Jazeera suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9e567226a5dc4915a4a94acb033a8e8f
Joomla Soft SQL Injection
Posted Aug 13, 2011
Authored by Skote Vahshat

The Joomla Soft component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5c9499774793f4be7e4200150410c829
MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
Posted Aug 13, 2011
Authored by Javier G. Sanchez, Shahin, juan vazquez, Yamata Li | Site metasploit.com

This Metasploit module exploits a buffer overflow in l3codecx.ax while processing AVI files with MPEG Layer-3 audio contents. The overflow only allows overwriting with 0's, so the three least significant bytes of the EIP saved on the stack are overwritten and shellcode is mapped using the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. Please note that on IE 8 targets, your malicious URL must be a trusted site in order to load the .NET control.

tags | exploit, overflow, shellcode
advisories | CVE-2010-0480, OSVDB-63749
MD5 | a4fc75931c79408d2af8663e709a2fc9
TeeChart Professional ActiveX Control 2010.0.0.3 Trusted Integer Dereference
Posted Aug 13, 2011
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits an integer overflow in the TeeChart Pro ActiveX control. When sending an overly large/negative integer value to the AddSeries() property of TeeChart2010.ocx, the code will perform an arithmetic operation that wraps the value and is later directly trusted and called upon. This Metasploit module has been designed to bypass DEP only under IE8 with Java support.

tags | exploit, java, overflow, activex
advisories | OSVDB-74446
MD5 | a64f154430c3e8c54cae0f1c7c7c393b
WebsiteBaker 2.8.1 File Upload
Posted Aug 13, 2011
Authored by Aung Khant | Site yehg.net

WebsiteBaker versions 2.8.1 and below suffer from an arbitrary file upload vulnerability.

tags | advisory, arbitrary, file upload
MD5 | f5b26067e953b8f922422ee4a5ad20f2
Secunia Security Advisory 45568
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for xorg-x11. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | 3532364f94d86173ffc0e94c0cc9614b
Secunia Security Advisory 45589
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for ecryptfs-utils. This fixes multiple security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges.

tags | advisory, denial of service, local
systems | linux, suse
MD5 | 6a82c72e119c56d32dbd3c4f18da87a0
Secunia Security Advisory 45591
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 272e7bdbcad0f47ce7a8cdc4523ea65c
Secunia Security Advisory 45551
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Khashayar Fereidani has discovered a vulnerability in Phone Drive, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
MD5 | 21521b52dbecb356c771b22ed4b2b6da
Secunia Security Advisory 45489
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, kernel, local
systems | linux
MD5 | 6901debbfdd8cc612ccc78bd3f7911bc
Secunia Security Advisory 45570
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the VPortfolio component for Joomla!, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
MD5 | 0581ea26f7504e90d6a2a223bf91c8a6
Secunia Security Advisory 45601
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Unitronics OPC Server, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 94c60424045542fe7f495d2d2124ddd6
Secunia Security Advisory 45594
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for foomatic-filters. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, suse
MD5 | 5a73491e2ede76a669f671d6b3b78026
Secunia Security Advisory 45569
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libXfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | 3dfb1a0d267e36ed3b9bdfde08963483
Secunia Security Advisory 45547
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the TeeChart Pro ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
MD5 | 741530a8d7c9bcbef0f3ae4f834e7c07
Secunia Security Advisory 45545
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for NetworkManager. This fixes a weakness, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | linux, fedora
MD5 | e98790fe310c9306fb9a10ad9f796216
Secunia Security Advisory 45542
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for glpi, glpi-data-injection, glpi-mass-ocs-import, and glpi-pdf. This fixes a security issue, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
systems | linux, fedora
MD5 | 81b6f00af1901f8e8d4f6448cba2e200
Secunia Security Advisory 45567
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Khashayar Fereidani has discovered a vulnerability in Phone Drive Lite, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 62469c0f3e9f2681f6cb660c3bc9629f
Secunia Security Advisory 45579
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - antion has discovered a vulnerability in the All in One Adsense and YPN plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | aa6909f40a500e59eae401dabac60f49
Secunia Security Advisory 45546
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lostmon has reported two vulnerabilities in Calisto, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 98174810f7e4c9328b5e2259ace1365f
Secunia Security Advisory 45530
Posted Aug 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose system information, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | fe96cb5de61ee6a713ace766c2698903
packet storm

© 2016 Packet Storm. All rights reserved.
