exploit the possibilities
Showing 1 - 25 of 54 RSS Feed

Files Date: 2012-05-16

OpenOffice.org Memory Overwrite
Posted May 16, 2012
Authored by Kestutis Gudinavicius

OpenOffice.org versions 3.3 and 3.4 Beta suffer from a memory overwrite vulnerability.

tags | advisory
advisories | CVE-2012-2149
SHA-256 | 8835dab05febe30ee3df1bb4c48de2c02504156f840dc2d1d9c1e0014179f8ce
Debian Security Advisory 2473-1
Posted May 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2473-1 - Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-1149
SHA-256 | 68e370faf2beb6cdbf84c61722cf35114006eff0082075706e518107a0b26ec1
SiliSoftware phpThumb() 1.7.11 Cross Site Scripting
Posted May 16, 2012
Authored by LiquidWorm | Site zeroscience.mk

SiliSoftware phpThumb() version 1.7.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b0297f9e69c26f42d51c1e7aaaba6b1b125a76fa647dcd73ccf099f2fd2f43d6
FlashPeak SlimBrowser 6.0.1.38 Denial Of Service
Posted May 16, 2012
Authored by demonalex

FlashPeak SlimBrowser version 6.0.1.38 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | bec3ee10be31916a3a36ac078cec5caf93d30294833af00776ebe8c44bda9670
Drupal Aberdeen 6.x Cross Site Scripting
Posted May 16, 2012
Authored by Jakub Suchy, Premek Sumpela | Site drupal.org

Drupal Aberdeen third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | ee88888847b82bb8706b2dec511d766960874ac9ed9c858f867dbc4171cb1f72
Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass
Posted May 16, 2012
Authored by STE Jones, Ivo Van Geertruyen | Site drupal.org

Drupal Hostmaster third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 7c02451f79ba6d4bfe66bd38a9d30bc0c21b9498c33fec40e740f123d695f5e5
Drupal Post Affiliate Pro 6.x Cross Site Scripting / Access Bypass
Posted May 16, 2012
Authored by Lee Rowlands | Site drupal.org

Drupal Post Affiliate Pro third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 24cfc303df362d58ad5a3d229f184bbbbe3f53d9a28d7441c2155d9f83548fec
OpenOffice.org vclmi.dll Integer Overflow
Posted May 16, 2012
Authored by TieLei Wang

A vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.

tags | advisory, overflow
advisories | CVE-2012-1149
SHA-256 | 9b9385109737f1c4e076d9b046209fed8fd0d8cc5001274e0f5a3f2bbb355d40
Linux Kernel HFS Plus Buffer Overflow
Posted May 16, 2012
Authored by Timo Warns | Site pre-cert.de

PRE-CERT Security Advisory - The Linux kernel contains a vulnerability in the driver for HFS plus file systems that may be exploited for code execution or privilege escalation. A specially-crafted HFS plus filesystem can cause a buffer overflow via the memcpy() call of hfs_bnode_read() (in fs/hfsplus/bnode.c).

tags | advisory, overflow, kernel, code execution
systems | linux
advisories | CVE-2012-2319
SHA-256 | 8a1ff866f8c109707f489791566f77bc54087a39904a2e9018d41836f35c9f85
SEC-T 2012 Call For Papers
Posted May 16, 2012
Site sec-t.org

The SEC-T 2012 Call For Papers has been announced. It will be held from September 13th through the 14th in Stockholm, Sweden.

tags | paper, conference
SHA-256 | 396756fabc238c4d83767b9e2075975da880c74bad443c78d42a7b5e737cbe3c
Apple Security Advisory 2012-05-15-1
Posted May 16, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-15-1 - QuickTime 7.7.2 is now available and addresses multiple security issues. Multiple stack overflows existed in QuickTime's handling of TeXML files. A heap overflow existed in QuickTime's handling of text tracks. A heap buffer overflow existed in the handling of H.264 encoded movie files. An uninitialized memory access issue existed in the handling of MP4 encoded files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. Various other issues were also addressed.

tags | advisory, overflow
systems | apple, osx
advisories | CVE-2011-3458, CVE-2011-3459, CVE-2011-3460, CVE-2012-0265, CVE-2012-0658, CVE-2012-0659, CVE-2012-0660, CVE-2012-0661, CVE-2012-0663, CVE-2012-0664, CVE-2012-0665, CVE-2012-0666, CVE-2012-0667, CVE-2012-0668, CVE-2012-0669, CVE-2012-0670, CVE-2012-0671
SHA-256 | 57c27e1b2292d0b0350bc4e9a6a61eb501064eaa248f2cdb7fc88e7fb35ed920
Unijimpe Captcha Cross Site Scripting
Posted May 16, 2012
Authored by Daniel Godoy

Unijimpe Captcha suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c9ffa6f225a88c626b7fb1d77ea68e165963c1478a15e7002f9086141d811ccd
Drupal Smart Breadcrumb 6.x Cross Site Scripting
Posted May 16, 2012
Authored by coltrane | Site drupal.org

Drupal Smart Breadcrumb third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | efa13b22a802826add663af52ab799213ef8c7c5710a4d1d236b277a44d092b9
Drupal Advertisement 6.x Cross Site Scripting
Posted May 16, 2012
Authored by Andrew Berry | Site drupal.org

Drupal Advertisement third party module version 6.x suffers from cross site scripting and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
SHA-256 | 40c8ec8f9df7dad38b0ad224dba92d7d02b70026bf96f514a6175e20c372358f
Drupal Ubercart Product Keys 6.x Access Bypass
Posted May 16, 2012
Authored by Daniel Glucksman | Site drupal.org

Drupal Ubercart Product Keys third party module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 63170eba807768a010da595df4dddb13c2785adc91ef336d17dba438e6e4529e
Debian Security Advisory 2472-1
Posted May 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2472-1 - Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes.

tags | advisory, root
systems | linux, debian
advisories | CVE-2012-0208
SHA-256 | fb5e1c809897c9f19723eac2b149d18e7bbd0d84cf8545cb5f93e9b78c5c44fb
Ubuntu Security Notice USN-1442-1
Posted May 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1442-1 - It was discovered that sudo incorrectly handled network masks when using Host and Host_List. A local user who is listed in sudoers may be allowed to run commands on unintended hosts when IPv4 network masks are used to grant access. A local attacker could exploit this to bypass intended access restrictions. Host and Host_List are not used in the default installation of Ubuntu.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2012-2337
SHA-256 | 4324b59d64b342a521a0980f0e685008be9a14f33f0173e24e06a2608c59a814
Gentoo Linux Security Advisory 201205-02
Posted May 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201205-2 - Multiple vulnerabilities have been found in ConnMan, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.0-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2320, CVE-2012-2321, CVE-2012-2322
SHA-256 | ed625e222ec8e2fd20bd7ee907062c3b0e92b9b05983eab68d6d8bdf497f1f1c
Secunia Security Advisory 48739
Posted May 16, 2012
Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ispLEVER Classic, which can be exploited by malicious people to compromise a user's system.

SHA-256 | 48c802d298509fcda8f15ef36b0b3b6c2ef7f668c8d07b800c62d59e30fa0bfb
Secunia Security Advisory 48739
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ispLEVER Classic, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 48c802d298509fcda8f15ef36b0b3b6c2ef7f668c8d07b800c62d59e30fa0bfb
Secunia Security Advisory 49203
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gnutls. This fixes some vulnerabilities, which can be exploited by malicious people to potentially cause a DoS (Denial of Service) in an application using the library and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 17aa0133e7b523989c4d0996bbca9116436ed57e53c268768e8e1d8b9c34fb20
Secunia Security Advisory 49198
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | hpux
SHA-256 | 400b2d738e070f94ef3fca7538a5c1e2f5673488a2999e0c0897d5deb91b4076
Secunia Security Advisory 49130
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - gainover has discovered a vulnerability in JW Player, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4f7c0a28e0e8a70a6eb582c6f1cfa65478ce1f72bd4999a46188485fb40cc357
Secunia Security Advisory 48924
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in 3DVIA Composer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bea660ef1c11ddaadc4629a4f99666b5a7c49ef146ba237564b1370dcd3c7c3d
Secunia Security Advisory 48923
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in 3D XML Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 7936044c8f02e77cf0b42c885997b7e2ee7fae4d7049fc62f15ee500a141f638
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close