
Files Date: 2012-04-19

xRadio 0.95b Buffer Overflow
Posted Apr 19, 2012
Authored by b0telh0

This Metasploit module exploits a buffer overflow in xRadio 0.95b. When the application is used to import a specially crafted xrl file, a buffer overflow occurs, allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
MD5 | d1967b21c5543133760db56cb87e6b90
OpenSSL Memory Corruption
Posted Apr 19, 2012
Authored by Tavis Ormandy

OpenSSL versions up to and including 1.0.1 are affected by a memory corruption vulnerability. asn1_d2i_read_bio in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can be exploited on systems that parse untrusted data, such as X.509 certificates or RSA public keys.

tags | advisory
advisories | CVE-2012-2110
MD5 | 2bf130ff51f153d5d7a967c16cb24e15
Oracle GlassFish Server 3.1.1 Cross Site Request Forgery
Posted Apr 19, 2012
Authored by Roberto Suggi Liverani | Site security-assessment.com

Oracle GlassFish Server version 3.1.1 build 12 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2012-0550
MD5 | c7da8a95e3f553d94d68cb727da735e8
Oracle Enterprise Manager Session Fixation
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5 and 11.1.0.7 (and previous patchsets) suffer from a session fixation vulnerability.

tags | advisory
advisories | CVE-2012-0528
MD5 | 1894a14b5bb37c8ff3d21f788c6469a5
Ruxcon 2012 Call For Papers
Posted Apr 19, 2012
Site ruxcon.org.au

Ruxcon 2012 Call For Papers - Ruxcon is the premier technical computer security conference in Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.

tags | paper, conference
MD5 | b80710263313a4cf99938ecf24e17bbc
Oracle Enterprise Manager prevPage HTTP Response Splitting
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the prevPage parameter.

tags | advisory, web
advisories | CVE-2012-0526
MD5 | 6baf46cb9232452978e7352e72863bfa
Oracle Data Lock Account Protection
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Data Server versions 10gR1, 10gR2 (10.2.0.5 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from incomplete protection of locked accounts.

tags | advisory
advisories | CVE-2012-0510
MD5 | c118e002b2a768709a7363f5b2344509
Oracle Enterprise Manager pageName HTTP Response Splitting
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7, and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the pageName parameter.

tags | advisory, web
advisories | CVE-2012-0527
MD5 | 27a76fc7e6bb37728dc021ee5a147638
Oracle Failed Logging On Password Attempts
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) have an issue where failed authentication attempts using the OCIPasswordChange API are not recorded.

tags | advisory
advisories | CVE-2012-0511
MD5 | 3e25a4e65d6288bc5e58d726eeb0edd9
Comodo Internet Security Blue Screen Of Death
Posted Apr 19, 2012
Authored by Ange Albertini

Comodo Internet Security versions until 5.9 suffered from a blue screen of death denial of service condition on Microsoft Windows 7 x64 when a 32-bit PE with a kernel ImageBase was executed.

tags | advisory, denial of service, kernel
systems | windows, 7
MD5 | 2661aaf906b34a13596c4af7c97648d7
Oracle Enterprise Manager searchPage SQL Injection
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control versions 10.2.0.5 and 11.1.0.1 (and previous patchsets) suffer from a remote SQL injection vulnerability in the searchPage web page.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-0525
MD5 | ce03999aad65483f39fedf75e230595a
ReadyDesk Cross Site Scripting
Posted Apr 19, 2012
Authored by Sony

ReadyDesk suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 40a0a1b4153c7cad98cd63943901cd25
Oracle Enterprise Manager compareWizFirstConfig SQL injection
Posted Apr 19, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.2 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.4 (and previous patchsets) suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2012-0512
MD5 | 5503861e0f353e5fd095bc0d01b2cc49
ChatBlazer Flash Chat Cross Site Scripting
Posted Apr 19, 2012
Authored by Sony

ChatBlazer Flash Chat suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 061275d9d49eca0868ef22a71560f1b2
PG-MailingList 3.0 Cross Site Scripting
Posted Apr 19, 2012
Authored by KedAns-Dz

PG-MailingList versions 3.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 22da6a8c8d279128968cf159701d13bd
Bugzilla Unauthorized Access / Cross Site Scripting
Posted Apr 19, 2012
Authored by Soroush Dalili, Frederic Buclin, Byron Jones | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an unauthorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2012-0465, CVE-2012-0466
MD5 | 080f4edb5da8c3f2bcc784a578a6d7a2
Adobe Flash Player NetStream Remote Code Execution
Posted Apr 19, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP being enabled.

tags | advisory, remote, arbitrary
advisories | CVE-2012-0773
MD5 | 1b4870f5f879eec739f728121975c5c5
VLC 2.0.1 Division By Zero
Posted Apr 19, 2012
Authored by Senator of Pirates

VLC version 2.0.1 suffers from a division by zero vulnerability during the handling of mp4 files.

tags | exploit, denial of service
MD5 | 7145caf8e0bb8a40b843ae226873de7c
Wireshark call_dissector() Denial Of Service
Posted Apr 19, 2012
Authored by Wireshark

Wireshark suffers from a call_dissector() NULL pointer dereference denial of service vulnerability. Proof of concept pcap included.

tags | exploit, denial of service, proof of concept
systems | linux
advisories | CVE-2012-1593
MD5 | 817850b427bd1cd44213e9803dba4327
EMC Data Protection Advisor Denial Of Service
Posted Apr 19, 2012
Site emc.com

EMC Data Protection Advisor (DPA) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service.

tags | advisory, denial of service, vulnerability
advisories | CVE-2012-0406, CVE-2012-0407
MD5 | 77b529a904905e1b948cbf7832e4bf6c
Secunia Security Advisory 48870
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Enterprise Manager Grid Control, which can be exploited by malicious users and malicious people to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | a51161803da301f07c3f912f4bfda97b
Secunia Security Advisory 48864
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Oracle JRockit, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 4a1396af73d7f890f1056704b344c912
Secunia Security Advisory 48867
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 14946ea31cff5efa85c61277a0ef91c9
Secunia Security Advisory 48869
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle WebCenter Forms Recognition, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | dce0aafb4fbea799bbd0ba9101f0e5c2
Secunia Security Advisory 48861
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory
MD5 | 1d872965d40a9a05f73ed75fab787ba9