Endonesia 8.5 CMS publisher module suffers from a remote SQL injection vulnerability.
2b7945c56a8f9846517260ec379412697319a8da8f902141f87eb1058681b581squidGuard version 1.4 may suffer from a denial of service vulnerability when fed a long URL.
fc2b35ea47586fba7304892ac8282bfcbf545aead94d1ecb4627ea55270709b0Winlog Lite SCADA HMI system version 2.06.17 suffers from a SEH overwrite vulnerability.
65763c2d8beef5f0757ae8cb84213f5458a558619a807c7ffc08f54e8de3a0d9YourOnlineAgents CMS suffers from a remote blind SQL injection vulnerability.
6e4aaf2fcf81a9aefc84e43c1f9c90e1b7bfd1cc5114b7b861c96dc50dc8a7e9This is a rudimentary runtracer for Windows 7 on x86 (ASLR resilient).
0c338f0abacb1298c6e3159ef4e1383419cd701b04ef15d5434f37c70994813aiSolution CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
1a08a1a12a801bc316f73078633539d6a650fbcb8bc90023cfe06640eece4665Disqus Blog Comments suffers from a remote SQL injection vulnerability.
d153d27a4a6e5a7b4b64cb53d6872723f2de5a385ce4b520ca8623a249712a95WordPress HD Webplayer version 1.1 suffers from a remote SQL injection vulnerability.
794f8fb3c3303c1fd8753b97a7fade46db699ff0285978b9dae1170f973058adMandriva Linux Security Advisory 2012-147 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. Security researcher Abhishek Arya of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting attacks. Various other vulnerabilities were also addressed.
ac842d060e5a71fbd19379a59603aad1eb68341ea634c795cd15a6abd94be521Zero Day Initiative Advisory 12-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WxSuperCtrl650.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files inside arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
6aa38dcf56266cca5031793e281cb153a6a3cbeed54f22bddc1b5e8754cbf960Zero Day Initiative Advisory 12-181 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins as well as the Microsoft Windows spooler service. When handling certain requests the client-file-name parameter is improperly copied to a local stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM.
8979b4441be91dc89370ce5a0c381bc13ea650e7ac616526aaef1318d9a9dff3Zero Day Initiative Advisory 12-180 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ISGrid.dll ActiveX control. The process performs insufficient bounds checking on user-supplied data passed in the DoFindReplace() method which results in heap corruption. This vulnerability can be leveraged to execute code under the context of the process.
6cda57ac5d2dddf4b3b0a51b759fbd94b82e7766e18694fd0cc41e25bf65aec3Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
a7465b5401eae09d86f86686525c56e6d712583245d647f15ff28395259f58e1Zero Day Initiative Advisory 12-178 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is update() which allows an unauthenticated user to update the admin credentials. This can lead to remote code execution under the context of the current process.
a7d7cad7879c61819dbc94f08be01be1e8d0afbc314b1e6219a955b923aa173fZero Day Initiative Advisory 12-177 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is loadFileContent() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.
a981f2b2198bcd2e57cbfd68417c9cbccf607abda086d08e670d5451e2b885dbZero Day Initiative Advisory 12-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getFileInternal() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.
70a89850ac9dc1cd883c181aae929ff4a71d499727264d2562593c361f329253Zero Day Initiative Advisory 12-175 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is create() which allows unauthenticated user to create a new user account for the service. This account has access to an DownloadFilesHandler which contains a flaw that allows you to download any file from the server including the server configuration files that contains the admin credentials. This can lead to remote code execution under the context of the current process.
63c7d0cb64b93026d854c51c9d224b782e10faf19f32dc134c2e2f728d9539c3Zero Day Initiative Advisory 12-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw is a directory traversal in the UploadFilesHandler url that allows you to upload files to the server into a directory on the server that allows for scripting. This vulnerability could lead to remote code execution under the context of the current process.
4ee84abc0ed60faa0ef4eaf23e562588e583a3ba9fdbd25999ffb6342ecf1e64Zero Day Initiative Advisory 12-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getSiteScopeConfiguration() which will return the current configuration of the server including the administrator login and password information. A remote attacker could abuse this vulnerability to login to SiteScope with administrative privileges then execute arbitrary code through the underlying functionality.
3664679a0798fdfd213eb09c398b686510ec5256a83ac88387b3ba49d44830c2Zero Day Initiative Advisory 12-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Orchestration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RSScheduler service JDBC component of Operations Orchestra which listens by default on TCP port 9001. The component is vulnerable to SQL injection attacks. Remote, unauthenticated attackers can exploit this vulnerability by injecting malicious SQL into the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.
2e6296934e9eb31a41004fb77a403dabf9b037e9f8ff4edde0c15edcccb89a28Zero Day Initiative Advisory 12-171 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the uam.exe component which listens by default on UDP port 1811. When logging received actions to a log file, sprintf is used to build the log message. The process does not properly verify the destination buffer on the stack is of sufficient size to handle the newly created string. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
72b76f5f036df5670bf0135032f957301d5d812167752414d6bc378a702e8dc4Zero Day Initiative Advisory 12-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Application Lifecycle Management. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XGO.ocx ActiveX control. The control exposed two vulnerable functions: 'SetShapeNodeType', which is vulnerable to a type confusion allowing user specified memory to be used as an object; and 'CopyToFile' which allows an attacker to create and overwrite files on the system of the user invoking the control. The attacker can utilize these vulnerabilities to execute remote code under the context of the process.
d3c9828441c320ddd3cc9e187105d893074559a023cf494f12db26998b203caeZero Day Initiative Advisory 12-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the KeyHelp.ocx ActiveX control. The control contains a LaunchTriPane function that allows launching of the HTML Help executable (hh.exe) with customized command line parameters. By using the -decompile switch, an attacker can specify the folder to decompile to and a UNC path to a specially crafted .chm file. The attacker can utilize this vulnerability to execute remote code under the context of the process.
1d9cc5e9c9e4b44c3492912b95ec7b4338a90ddb678216b44fd28eec565c9802Zero Day Initiative Advisory 12-168 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.ocx ActiveX component. The process performs insufficient bounds checking on user-supplied data passed in as the 'InternationalSeparator' parameter which results in a heap overflow. This vulnerability can be leveraged to execute code under the context of the user running the browser.
d3906c04c1551295a1d49431e04af6182300549f596f348f989e9e3ea751e535Zero Day Initiative Advisory 12-167 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFRAgent.exe which communicates with the Agent component over HTTPS on TCP port 3037. When parsing tags inside the VOL element, the process performs insufficient bounds checking on user-supplied data prior to copying it into a fixed-length buffer on the stack. This vulnerability can result in remote code execution under the context of the SYSTEM account.
69ef2ff5d98292fa291bf2211351fecf6a6b0eb8a1a5ff2d20882a59592c9bb3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed