Zero Day Initiative Advisory 11-263 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack during the handling of the ascii strings (opcode 6) where the 32-bit field supplied by the attacker is used for allocating a destination buffer by adding an additional byte to its value. This integer overflow can be used to create a small allocation which will be subsequently overflowed, allowing the attacker to execute arbitrary code under the context of the SYSTEM.
0fcbff142d7610a53b48282940d56393214feea54905383c4a36f0cf94dbadb5
Check Point Security Management Products suffer from multiple symlink vulnerabilities. Due to the combination of inadequate file checks, predictable file names and writing of temporary configuration files to /tmp it is possible for a unprivileged local user to exploit the post-installation script to overwrite arbitrary files on the security management system through symlink following. The script also contains a second-order symlink vulnerability which makes it possible for an attacker to gain control of the SMS configuration file: $FWDIR/conf/sofaware/SWManagementServer.ini.
9c9530656dc7486ce3d99175a4a77905ed90e3d797246e746914fe8311174a28
Mozilla Firefox version 3.6.16 mChannel Object use-after-free exploit for Windows 7.
1e44b9126b0d7869d8928eb0f6c65977f1d59a9eb27da3b8a266464e729e227d
Zero Day Initiative Advisory 11-262 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vxsvc.exe process. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack where a 32-bit field holds a value that, through some calculation, can be used to create a smaller heap buffer than required to hold user-supplied data. This can be leveraged to cause an overflow of the heap buffer, allowing the attacker to execute arbitrary code under the context of SYSTEM.
369c480b1433f3a1b7d765b6183a369c5a8cb2b449ae0983ec599f68611a09fd
Microsoft Windows 7 Ultimate SP1 32 bit and 64 bit suffers from a RPC denial of service vulnerability due to mishandling of malformed DHCPv6 packets.
c5dce36fdf75da8e6e2691aa8865253724e1cb7f7bd8fe3cf50839029dafad31
Zero Day Initiative Advisory 11-261 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor class ActiveX control (CLSID 466576F3-19B6-4FF1-BD48-3E0E1BFB96E9). The SaveXML() method is vulnerable to directory traversal, which allows an attacker to write arbitrary content to the filesystem. A remote attacker could leverage this vulnerability to gain code execution under the context of the web browser.
977a07c8783022390a2076d71e7c65838ea903374ca8c321c181d7450fe5e5d5
Sagem Router Fast versions 3304, 3464, and 3504 remote telnet authentication bypass exploit.
1fe135275c9cd49eeac9517457a7fdd1233d171f3c101cf87644b2e6a4f3a9f4
Zero Day Initiative Advisory 11-260 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Nortel Media Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the cstore.exe component which listens by default on TCP port 52005. When handling a CONTENT_STORE_ADMIN_REQ packet type the process trusts length value provided by the 'cs_anams' parameter and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
7779f3c7bb1a89ef01d022bbb09d2fc249844c39f363a24524bad1945afac2fe
Zero Day Initiative Advisory 11-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles corrupt Sample Size atoms. When the value for 'Number of Entries' in this atom differs from the 'Number of Entries' in the Time-To-Sample atom, QuickTime will fill the Atom Sample Table with uninitialized data read from memory. This can later on result in a heap overflow when the data is used to calculate a loop counter to fill a heap buffer.
4042c59dc976e1482717baaf40d66c37a84d10130895354cee891e7e9212fb8e
Zero Day Initiative Advisory 11-258 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the Sample-to-Chunks table in media files with 'twos' audio codec. If a value for 'samples per chunk' is bigger than 8 times the sample rate from the 'Sample Description Atom' it will cause a buffer overflow during the parsing of the atom sample table. This can result in remote code execution under the context of the current user.
750e0fd65e0457f33544cbda420a5aff5e0d6dcfe999be68d9fd684d7a74ea65
WordPress IP-Logger plugin versions 3.0 and below suffer from a remote SQL injection vulnerability.
6e6ca5b4fa9f5919691469be6ce948364415e86dc3af82231bf9542d13f95415
Code Widgets Databound Shopping Cart suffers from a remote SQL injection vulnerability.
da741b279e7afb90745376c9e4895675884a96a5a94b87d0eb4aaa9385bcd68a
Code Widgets Web-based Help System Web Application suffers from a remote SQL injection vulnerability.
9066dc62caaabf0747d9e2758cfbafbb77937ff7404956478482ea2e107341c3
Zero Day Initiative Advisory 11-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.
cdb1fff5d1189aa470f9941b86f7f44595f91c34c0571417c67f93bf2b3f6afb
Dpconsulenze suffers from a remote SQL injection vulnerability in dettaglio.php.
d6504a41cd4904a4dcc02a833504dd1dd059cc3549adf20277125a59f6b53fd7
KvVM suffers from a remote SQL injection vulnerability.
6d9315aac44739538bddfb4187bc836411347339c7fbab53a68c77bed7a3c53b
phpList versions 2.10.1 through 2.10.14 suffer from improper access control and information leakage vulnerabilities.
b3615532e16776b5cf2859f7aede85c346cb7619bc40fc4060021b24f356ae2f
Code Widget Database Driven Product Catalogue suffers from a remote SQL injection vulnerability.
32cb5f176c11e552091323187ccae1f0cea34e4ab14f2d961a343187063052ae
Dedacom suffers from a remote SQL injection vulnerability.
ee75ccdcffa8c7f959452981fff2ef9b1eeccab4dcf3108bd92e8226a2deb9d3
Code Widgets Web-based Alpha Tabbed Address Book suffers from a remote SQL injection vulnerability.
d46ce0592e59ffd2edd98f7f1d58ae2bdb83f70a57a0dc98d9289899221e7c6e
Code Widgets SpiderTrap-Spider,Robot and Harvester Blocking suffers from a remote SQL injection vulnerability.
a1885c295400b3789e198665fb1d935f92e721da81a26fd30b3fa24373b2fcb2
Zero Day Initiative Advisory 11-256 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime parses QuickTime Media Link (.qtl) files. The code which parses the .qtl parameter files fails to properly validate the size of the src parameter before copying it into a fixed length stack buffer. By supplying an overly long value for the src parameter, an attacker can leverage this flaw to execute malicious code within the context of the browser.
5306ec97e09c85dea4b3f2a494f14a62a4532c3063b3a7f6c4c9855dcebff5e1
The phpWebSite Userpage module suffers from a cross site scripting vulnerability.
d8503ff48c835602b89771890805b97e089e05233297a4720d724b9a262f3788
Zero Day Initiative Advisory 11-255 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.
eb22a6085f298a0e2ddb2331f396d5648396388c8b27503cb5dcb3901124e6fa
Zero Day Initiative Advisory 11-254 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles the 'trun' atom. QuickTime uses user supplied data in the 'sampleCount' field to calculate a buffer size. An integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When QuickTime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.
2eae2f1a2ecaad9be0997ec66789b0041464a81dabe75da74fdd5dc2b482aa7c