what you don't know can hurt you
Showing 1 - 25 of 30 RSS Feed

Files Date: 2011-10-15

Zero Day Initiative Advisory 11-290
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-290 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within mshtml.dll and is a logic bug in the way it handles the 'extra size index' in certain CDispNode classes within the SetExpandedClipRect function. When the 'extra size index' is zero, the code fails to correctly adjust the class instance pointer before and uses the vftable pointer as a flag field. This corrupts the vftable pointer and can lead to remote code execution under the context of the current user. This issue is closely related to CVE-2009-3672.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2001
MD5 | ebc951ea3d9ca447a4c14ea9cf496733
Zero Day Initiative Advisory 11-289
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-289 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles calls to the method swapNode(). When a call to swapNode is issued on an node within a document that has two body nodes, Internet Explorer frees an attribute field for one of the body nodes and then later re-uses the freed field during the node swap. This behavior could result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2000
MD5 | 7b9e423b62ef2ada8de046c8de5f1b78
Zero Day Initiative Advisory 11-288
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-288 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 8. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application verifies arguments for a certain operation performed on an element. When parsing one of the operands of a method, the application will pass the argument straight to a method that will use the variant as an index. Due to bypassing the argument check, an aggressor can set the index to point to data outside the bounds of the array. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1999
MD5 | d6582e8b95f499fb1939f063cd18ed1e
Zero Day Initiative Advisory 11-287
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-287 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the caching implementation of a Select element. When modifying this cache, there are certain methods that do not update the cache correctly. Due to these inconsistencies, one can desynchronize the cache with elements that have been freed. While using these freed elements, the application's perception of type-safety becomes skewed and usage of the object can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1996
MD5 | b5ebec42ff3db215b08593562b8736bb
Gentoo Linux Security Advisory 201110-12
Posted Oct 15, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-12 - Multiple denial of service vulnerabilities were found in Unbound. Versions less than 1.4.10 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0969, CVE-2011-1922
MD5 | afa7fc1cab25350284e94571996a3e4e
Mandriva Linux Security Advisory 2011-150
Posted Oct 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-150 - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service or possibly have unspecified other impact via a long line in a response.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-3208
MD5 | 80f10402a0d944593d1312c682a0a988
AV Arcade Pro 5.4.3 Cookie Manipulation
Posted Oct 15, 2011
Authored by indoushka

AV Arcade Pro version 5.4.3 suffers from an insecure cookie vulnerability that allows for access bypass.

tags | exploit, insecure cookie handling
MD5 | b19fe616cfb1489b4b4a4db51c1623c0
aSgbookPHP 1.9 Cross Site Scripting
Posted Oct 15, 2011
Authored by indoushka

aSgbookPHP version 1.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 65098431d03eda5b7a90133730f97bff
Perl CGI Shell
Posted Oct 15, 2011
Authored by Marshall Whittaker

This is a Perl CGI backdoor that provides shell-like capability.

tags | tool, shell, cgi, perl, rootkit
systems | unix
MD5 | e09fcae11cb6f6b92baca45b082449ce
Secunia Security Advisory 46373
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xerox ColorQube, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 3a98c67cdcab49f50e6f3985ca22a15c
Secunia Security Advisory 46372
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes two weakness and a vulnerability, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, suse
MD5 | 93ed736e1e4f4c03108d4b3a251ccecb
Secunia Security Advisory 46351
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ICONICS GENESIS32, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | b4034200edfd3cb1affab4f73677a9f0
Secunia Security Advisory 46361
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for dokuwiki. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
systems | linux, debian
MD5 | 03356e7dc0b5d70ab0d359412e31cfcb
Secunia Security Advisory 46395
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
MD5 | a3840cb39e91bb2ce795995565166e77
Secunia Security Advisory 46283
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in GenStat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 3252ad1494438aa0498f7acc396c281f
Secunia Security Advisory 46267
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Time Returns component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 95e31e73373348ad0b29008a9b92a309
Secunia Security Advisory 46368
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Barter component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 8e9e970a5ea3abf65ca525bf833bfae2
Secunia Security Advisory 46343
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
MD5 | 1d10eb3f0c3278e15b45f9524b4e8868
Secunia Security Advisory 46378
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in JAKCMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 8d8200122cfed88fe107a34fd96bc69d
Secunia Security Advisory 46164
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to conduct script insertion attacks, and by malicious people to disclose potentially sensitive information, conduct HTTP response splitting, cross-site request forgery, and spoofing attacks, and bypass certain security restrictions.

tags | advisory, web, local, spoof, vulnerability, csrf
systems | linux, debian
MD5 | 3568f2c425a98a8193cb075dc8034f44
Secunia Security Advisory 46342
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for openssl. This fixes multiple vulnerabilities, where one has unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), conduct spoofing attacks, and compromise an application using the library.

tags | advisory, denial of service, spoof, vulnerability
systems | linux, gentoo
MD5 | 4c770e9ff0bf62b0e698bb634cf38958
Secunia Security Advisory 46276
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in KaiBB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | ab93d31ff8e081bc197a04b182fb815c
Secunia Security Advisory 46338
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported multiple vulnerabilities in atvise webMI2ADS, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 399431c19403cfbc73e10a109a46f92c
Secunia Security Advisory 46385
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Onboard Administrator, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | a01dd03f01d572e76c5546acaac45f97
Secunia Security Advisory 46367
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
MD5 | e0511b1d79f6756172ea68d756719724
Page 1 of 2
Back12Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    1 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close