exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2011-10-26

Gentoo Linux Security Advisory 201110-24
Posted Oct 26, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-24 - Multiple vulnerabilities were found in Squid allowing attackers to execute arbitrary code or cause a denial of service. Versions less than 3.1.15 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2621, CVE-2009-2622, CVE-2009-2855, CVE-2010-0308, CVE-2010-0639, CVE-2010-2951, CVE-2010-3072, CVE-2011-3205
SHA-256 | 81093ea2eca3730ec409b6fd39ca3a3cb38e02d4ea76813b10e63d559aef7276
Zero Day Initiative Advisory 11-310
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-310 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reader handles compound glyphs. When a glyph has more then 0x7FFF 'numberOfContours' a sign extension occurs resulting in a buffer under-read. Simple glyphs are checked when Adobe Reader parses the font info, but the value for 'numberOfContours' in an compound glyph is the sum of all its child glyphs, and this is not checked. This could result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2441
SHA-256 | 7030aad50dc86ab675db40672e540dd821362ccc35c6d3fe64d0b20caaffa95f
Zero Day Initiative Advisory 11-309
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-309 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll component. When handling the exposed method GetDriverSettings the application assembles a string for logging consisting of the hostname/port provided as a parameter. When building this message the process will blindly copy user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-3173
SHA-256 | fcfa13f3866ffb2da52e2b870070db15b517bc752a13de271d5322d307789361
Zero Day Initiative Advisory 11-308
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-308 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in ATAS32.DLL during the parsing of values defined within the WRF file format. The vulnerable code trusts the linesProcessed value from the file, and uses it in some logic to determine the destination pointer for a memcpy. By supplying an overly large linesProcessed value, the subtraction would cause an integer underflow and allows an attacker control of the destination buffer pointer. This can be further leveraged to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
systems | cisco
advisories | CVE-2011-4004
SHA-256 | 80b8fd02c6cb7ca21bac8379fedbed3901106726a585dd6053d06553ac42c269
Zero Day Initiative Advisory 11-307
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-307 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not sufficiently verify parameters certain functions. The function MixerSequencer.nAddControllerEventCallback fails to check for negative index numbers before writing user supplied data into a static array. This allows a malicious applet to write user controlled data outside the array boundaries resulting in remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2011-3545
SHA-256 | 060a302119a9b97e9bbab4d11daf2343cda725d77cd345adbb06190183d3233f
Zero Day Initiative Advisory 11-306
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-306 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles IIOP deserialization. Due to insufficient type checking it is possible to trick java into allowing access to otherwise protected and private fields in built-in objects. This could be used, for example, to disable to security manager normally in place for applets. This leads to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2011-3521
SHA-256 | 361a262ae72479a4afab85c66c4c74c4946348a51ecd9466a86252761ade0d32
Zero Day Initiative Advisory 11-305
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-305 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles Rhino Javascript errors. The built-in javascript engine in Java fails to perform sufficient sanitation on javascript error objects. The effect is that untrusted code can run in privileged context. This can result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, javascript, code execution
advisories | CVE-2011-3544
SHA-256 | 8a3723fe7c54a5088622225ce98018e3a031f042a887786272ec3f3a310e375d
Online Subtitles Workshop Cross Site Scripting
Posted Oct 26, 2011
Authored by M.Jock3R

Online Subtitles Workshop suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9cbb9700dbfdbd15641db3845b8658946376a74750116516f4e3f542a962eb68
Zero Day Initiative Advisory 11-304
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-304 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. Authentication is not required to exploit this vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses an audio stream encoded with the advanced audio codec. A field will be read from the file in order to calculate a length that is later used in a memory copy operation into a statically sized buffer. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3252
SHA-256 | a04b546a6d8a8d8ee735e3331d119ed96ffa58ea22d293e200782060f0133779
Zero Day Initiative Advisory 11-303
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-303 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles H.264 streams. When parsing the Sequence Parameter Set data for a H.264 stream it reads the frame cropping offset fields. When those fields contain incorrect data Quicktime will eventually write outside the buffer allocated for the movie stream. This can result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3219
SHA-256 | f2c77eceb08491b41749f60147a7c89c25332d5e192f9324e1306462eb246237
HP Security Bulletin HPSBMU02714 SSRT100244
Posted Oct 26, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, hpux
advisories | CVE-2010-0738
SHA-256 | df1fb5dc4f370f57e8fb63766b14aedc68b391941b231bfb7e693e68ee16c5c8
MG For Media Solutions SQL Injection
Posted Oct 26, 2011
Authored by nGa Sa Lu

MG For Media Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5854e56c6d82eb0e3a4619ba64ea0aa2129db006cd53f457e44bf00c1152c052
Trendmicro IWSS 3.1 Privilege Escalation
Posted Oct 26, 2011
Authored by Jose Ramon Villa

A vulnerability was found in the software IWSS of TrendMicro that could allow an attacker to gain root access in the system. The binary "patchCmd" has sticky permissions for the "setuid" and "setgid" with the user root. The execution is allowed to all users. The code performs a setuid(0) before an a system() by that the execution will take root permissions regardless of user permissions.

tags | exploit, root
SHA-256 | 5c58e2ec89a7aa0742214e1aec3ff4472b0358ec1afdb3c3b4436e5f3f5fc91b
Zero Day Initiative Advisory 11-302
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-302 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within because Adobe Reader X includes an old version of libtiff. Adobe can be tricked in using this library by parsing a specially crafted PDF file containing U3D data. Due to the old version of libtiff Adobe Reader is vulnerable to the issue described in CVE-2006-3459 which can be leveraged to execute remote code under the context of the user running the application.

tags | advisory, remote, arbitrary
advisories | CVE-2006-3459, CVE-2011-2432
SHA-256 | fe46d7a57b0e88f1c4ee58713d2a9fcb8a6fd911ea38779a0a88cd29be04b5d1
Zero Day Initiative Advisory 11-301
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-301 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe handles PICT images. When Adobe parses a PICT image containing an 0x0E opcode and it is read the following word in the file will be interpreted as a loop counter that copies data from the file into a heap buffer that has been created using the height and with of the picture. The resulting heap overflow can result in remote code execution under the rights of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2434
SHA-256 | bd695122f0088d7e19492af4cb43ec0019f66baf1a92779fe730526aee1847e3
Cisco Security Advisory 20111026-webex
Posted Oct 26, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | cisco
advisories | CVE-2011-3319, CVE-2011-4004
SHA-256 | 93098b1c8b18a2d59ce380850b242f12efed51851a996b3df39030b3402f083e
Cisco Security Advisory 20111026-csa
Posted Oct 26, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to perform remote code execution on the affected device. These vulnerabilities are in a third-party library (Oracle Outside In) and are documented in CERT-CC Vulnerability Note VU#520721. Cisco has released free software updates that address this vulnerability. No workaround is available to mitigate these vulnerabilities.

tags | advisory, remote, vulnerability, code execution
systems | cisco
advisories | CVE-2011-0794, CVE-2011-0808
SHA-256 | ab4bea1ebd1ba57b4060bcb395b0421cdfff78b3bd1dd7eb1abae189ecc567b8
Red Hat Security Advisory 2011-1409-01
Posted Oct 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1409-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2011-3207
SHA-256 | 01d987f9abd7ae51e42235e9f23f32301971df3606cf424fa91e6650de6cd06a
Red Hat Security Advisory 2011-1408-01
Posted Oct 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1408-01 - An updated rhev-hypervisor package that fixes several security issues is now available. The RHBA-2011:1254 update introduced a regression in the Linux kernel's Ethernet bridge implementation. If a system had an interface in a bridge, and an attacker on the local network could send packets to that interface, they could cause a denial of service on that system. A flaw in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. GRO is enabled by default in all network drivers that support it. Various other issues have also been addressed.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723, CVE-2011-2942, CVE-2011-3188, CVE-2011-3347
SHA-256 | eaa751b6a72414e3c2ff93e3ab04ec5a934c18a66c443d19e1becc9cd0e9a109
Zero Day Initiative Advisory 11-300
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-300 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe handles PICT images. When Adobe parses a PICT image containing an 0x10 opcode the following word in the file will be interpreted as a loop counter that copies data from the file into a heap buffer that has been created using the height and with of the picture. The resulting heap overflow can result in remote code execution under the rights of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2433
SHA-256 | 8370bc09ee04e37a43558a1625a5126e99161028a6996fce0a4b6ea177b2205e
Cisco Security Advisory 20111026-uccx
Posted Oct 26, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) contain a directory traversal vulnerability that may allow a remote, unauthenticated attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
advisories | CVE-2011-3315
SHA-256 | f0a1764cc981219b3d27b980fae79b2af26ed707cf6df83f2e1317f8ace81208
Xampp 1.7.4 For Windows Cross Site Scripting
Posted Oct 26, 2011
Authored by Sangteamtham

Xampp version 1.7.4 for Windows suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | windows
SHA-256 | cd1c116e00f67c7bd2d9a1dffc91e3af3e2a36d6d43eac27b4dc04258e04bcc5
Zero Day Initiative Advisory 11-299
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe 2D.x3d PICT image parsing routines. When Adobe Reader parses an PICT image it uses a static buffer to store certain image header values. Due to insufficient checks for the end of the buffer it is possible to write outside the stack buffer. The resulting stack overflow could result in remote code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2435
SHA-256 | 5dc9c58b3cea78921a78163458edd743c68322a03eaccfabc9a632cc1d2e2788
Zero Day Initiative Advisory 11-298
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-298 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .IFF image. While it tries to copy the image data from the RGBA chunk insufficient boundary checks are performed on a row counter which could lead to a heap overflow. This could result in remote code execution with the rights of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2436
SHA-256 | 7a7c5fc669ce9201949022c7f4d2f348d5a3a5565c7784c167c86cd5c86f2f9b
Zero Day Initiative Advisory 11-297
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-297 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .PCX image it creates a 32 bits loop counter based on the height and width of the image. It then enters a loop to copy data from the file in to a memory buffer, but the loop counter used in that function is only a 16 bit integer and as such can never reach the end of the loop when the max loop counter is bigger then 0xFFFF. Exploitation of this issue allows for remote code execution under the context of the user running the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2437
SHA-256 | 954b803177f00023d2845cf0ca614c721fb681020e92b0cb677c68dc7751c440
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close