Mandriva Linux Security Advisory 2012-045 - Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service via a large SessionTicket. The updated packages have been patched to correct this issue.
572e8c5259414309e786c80cfcc0c353Landshop version 0.9.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
7fe01044382a154e5008d587bd38fab8Bitsmith PS Knowbase version 3.2.3 suffers from a buffer overflow vulnerability.
64e9f716937cf71a42f866d7c3bd0c06This Metasploit module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations.
231bc9024a8d1bdd347e7c1c06aeacf5This whitepaper goes into detail on how to bypass tolower() filters in buffer overflows. It uses a stack-based buffer overflow as an example but the technique can also be applied to heap overflows as well.
f64919dfc1aa21cbaaaaeadd847a02ffJAMWiki version 1.1.4 suffers from a reflective cross site scripting vulnerability.
c41d9e87bff147429447751bc99e93e3SocialCMS versions 1.0.2 and below suffer from multiple cross site scripting vulnerabilities.
7e830a0a868616aaaad87062861fe82dSimple PHP Agenda versions 2.2.8 and below suffer from multiple cross site request forgery vulnerabilities.
2115134f72ada62b4a134ceb4137c0d8This is a brief whitepaper discussing the security of contactless smartcard technology.
bec6389370e339eaae8653020480ad03MailMax versions 4.6 and below POP3 USER remote buffer overflow exploit.
24ed1d2a3aced115de4bc69efbd82782SyndeoCMS versions 3.0.01 and below suffer from a persistent cross site scripting vulnerability.
7db0a466f9aa1fc57ae522f0fd0c5f0dVMware suffers from a backdoor ROM overwrite privilege escalation vulnerability.
ac9c357fb3ec066762da9b1543eb0f6dIntuit Help System suffers from protocol file retrieval vulnerability.
a0b26fa201e834e79aa35a5e5bec4c88Dalbum version 144 build 174 suffers from a cross site request forgery vulnerability.
02e8d20381914b8d3f7e4e0f2887a292Intuit Help System suffers from protocol URL heap corruption and memory leak vulnerabilities.
c4a7ca65d102d5fbddb0b26479033d43WebMatter CMS suffers from a remote SQL injection vulnerability.
7a165d9bc3a1e4ec2b323e79c82849a9ArticleSetup versions 1.11 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
7bffcd87c83238fa8ddb16684ba79dadPHP versions 5.4 and 5.3 suffer from a deprecated eregi() memory_limit bypass vulnerability. Proof of concepts included.
0e2bd88a30f6eb4922b26eb8de7a90dcFirstload.com suffers from a cross site scripting vulnerability.
c43557049d2936484768f097613df4aeVMware Security Advisory 2012-0006 - VMware ESXi and ESX address several security issues.
33ec7bc42c9c6c50e69c08c3cf727c79Secunia Security Advisory - A vulnerability has been discovered in Havalite, which can be exploited by malicious users to compromise a vulnerable system.
e17fdc00129e48f44bc7d3790576d5afSecunia Security Advisory - A vulnerability has been discovered in Havalite, which can be exploited by malicious users to compromise a vulnerable system.
e17fdc00129e48f44bc7d3790576d5afSecunia Security Advisory - A vulnerability has been reported in Red Hat Network Satellite, which can be exploited by malicious people to bypass certain security restrictions.
87512db6b9ba0b02f8c296a3c77b18a2Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
e3e0acc024459e92de0d4e28ec553466Secunia Security Advisory - Antu Sanadi has discovered multiple vulnerabilities in ArticleSetup, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.
f17d03ffa9877392cb08a6c8fefc7137
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed