exploit the possibilities
Showing 1 - 25 of 39 RSS Feed

Files Date: 2012-09-11

Microsoft Security Bulletin Summary For September 2012
Posted Sep 11, 2012
Site microsoft.com

This bulletin summary lists 2 released Microsoft security bulletins for September, 2012.

tags | advisory
SHA-256 | b37c73b574740d8905d7df57178229e7e05094fdfc405aaca379cf4a69316b23
Mozilla Firefox nsHTMLEditRules Remote Use-After-Free
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error in the "setUserData()" method within the "nsHTMLEditRules" class, which could allow remote attackers execute arbitrary code via a specially crafted web page. Products affected include Mozilla Firefox versions prior to 15, Mozilla Firefox ESR versions prior to 10.0.7, Mozilla Thunderbird versions prior to 15, Mozilla Thunderbird ESR versions prior to 10.0.7, and Mozilla SeaMonkey versions prior to 2.12.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-3958
SHA-256 | b959bb054b031b5fb76ff256d6ea33e667b137e39e0b15d5f9ad08cc17dd93af
Microsoft Windows Common Controls MSCOMCTL.OCX Use-After-Free
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft products. The vulnerability is caused by a use-after-free error in the "TabStrip" Control within the "MSCOMCTL.OCX" component, which could allow remote attackers execute arbitrary code via a specially crafted web page or malicious Office document. A large amount of products are affected.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-1856
SHA-256 | 83d4ac95b7df6d9d0e21446d37657b74bd6349ccb853b935fd08488698d5329f
Adobe Flash Player Matrix3D Integer Overflow Code Execution
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an integer overflow error in the "copyRawDataTo()" method within the "Matrix3D" class when processing malformed arguments, which could allow remote attackers execute arbitrary code via a specially crafted web page. Adobe Flash Player versions 11.3.300.271 and prior are affected.

tags | advisory, remote, web, overflow, arbitrary
SHA-256 | d2ffa29681b8fc88e5a88e349eabd789a616bded95aa6af9e69538a75b01138c
Subrion CMS 2.2.1 Cross Site Scripting
Posted Sep 11, 2012
Authored by LiquidWorm | Site zeroscience.mk

Subrion CMS version 2.2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 71aa556707546212a6d4ed18794a6e021c18c65c8fdf27d058c7c52dbd76147e
Subrion CMS 2.2.1 Cross Site Request Forgery
Posted Sep 11, 2012
Authored by LiquidWorm | Site zeroscience.mk

Subrion CMS version 2.2.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 8af87e791ee1c2ad086a56411f33adf74456599c5da8043cb2938341e5458e9e
RSA BSAFE SSL-C 2.8.6 BEAST / Buffer Overflow Fixes
Posted Sep 11, 2012
Site emc.com

RSA BSAFE SSL-C version 2.8.6 contains fixes designed to prevent BEAST attacks and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
advisories | CVE-2011-3389, CVE-2012-2131, CVE-2012-2110
SHA-256 | 07866ead31523b9bb7ab72641a09d85bba54b75eb00d3fb5390de3d35846dc0e
IBM Java Security Vulnerabilities
Posted Sep 11, 2012
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations discovered multiple security vulnerabilities in IBM SDK, Java Technology Edition software. This is IBM's implementation of Java SE technology for AIX, Linux, z/OS and IBMi platforms. Among a total of 17 security weaknesses found, there are issues that can lead to the complete compromise of a target IBM Java environment.

tags | advisory, java, vulnerability
systems | linux, aix
SHA-256 | 867ac9eef17a67029d0c83a32794fd6f14dae99bbb8a7705e718b79b7bd50592
Red Hat Security Advisory 2012-1255-01
Posted Sep 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1255-01 - The libexif packages provide an Exchangeable image file format library. Exif allows metadata to be added to and read from certain types of image files. Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened in an application linked against libexif, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841
SHA-256 | 950eef62427ecffcf4434bea906d1443d0484f2902205545590132231c5202eb
Red Hat Security Advisory 2012-1256-01
Posted Sep 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1256-01 - Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures and an interpreter for Portable Document Format files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library. An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4405
SHA-256 | e992fb046a4ff2889ed6c6092055f9db6deaf8f238ece7cd352e50ae3b1a0446
Ubuntu Security Notice USN-1548-2
Posted Sep 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1548-2 - USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-1956, CVE-2012-3965, CVE-2012-3966, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3973, CVE-2012-3975, CVE-2012-3976, CVE-2012-3978, CVE-2012-3980
SHA-256 | dfaba959f6502b040fab156a51640bd5873540cd3fb41bf5a80683ee08d50f11
Ezylog Photovoltaic Management SQL Injection / Command Injection
Posted Sep 11, 2012
Authored by Roberto Paleari, Ivan Speziale

Ezylog Photovoltaic Management Server suffers from remote SQL injection, broken session management, hard-coded credential, and command injection vulnerabilities. The vendor has ignored the researcher.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | c08de71fe982a59f6dfe14d76d8893338a491e1cf4c84021950bc3a71f354cac
SiteGo Remote File Inclusion
Posted Sep 11, 2012
Authored by L0n3ly-H34rT

SiteGo suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c797879792ae8c7301e769c55cd13c98f92f854719dec1a9a9bece53c0598d6c
Wordpress Download Monitor 3.3.5.7 Cross Site Scripting
Posted Sep 11, 2012
Authored by Joseph Sheridan, Chris Cooper | Site reactionpenetrationtesting.co.uk

Wordpress Download Monitor version 3.3.5.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4768
SHA-256 | 62a3d6dc277efb88b7649f9126607e4ef62d62c1c19ec0fb2fabddcef3b89547
RSA BSAFE Micro Edition Suite Security Update for BEAST Attacks
Posted Sep 11, 2012
Site emc.com

RSA BSAFE Micro Edition Suite contains updates designed to prevent BEAST attacks. There is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important. The BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.

tags | advisory
advisories | CVE-2011-3389
SHA-256 | 4e56495de2b69ef7d68078731b4a833e5b7e7e1fcf37eae6b23402acdfe8f530
Openfiler 2.x NetworkCard Command Execution
Posted Sep 11, 2012
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in Openfiler version 2.x which could be abused to allow authenticated users to execute arbitrary code under the context of the 'openfiler' user. The 'system.html' file uses user controlled data from the 'device' parameter to create a new 'NetworkCard' object. The class constructor in 'network.inc' calls exec() with the supplied data. The 'openfiler' user may 'sudo /bin/bash' without providing a system password.

tags | exploit, arbitrary, bash
SHA-256 | ef6788fdc2bbdb21b278fd22582c6c12fb18b12cc2341fe8561207bf69d634a8
WAN Emulator 2.3 Command Execution
Posted Sep 11, 2012
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in WAN Emulator version 2.3 which can be abused to allow unauthenticated users to execute arbitrary commands under the context of the 'www-data' user. The 'result.php' script calls shell_exec() with user controlled data from the 'pc' parameter. This Metasploit module also exploits a command execution vulnerability to gain root privileges. The 'dosu' binary is suid 'root' and vulnerable to command execution in argument one.

tags | exploit, arbitrary, root, php
SHA-256 | 1fb42426dc819635f534f9d0dfa8faeb1296d0151e8ddec91cb563bd1c4e5011
Winamp MAKI Buffer Overflow
Posted Sep 11, 2012
Authored by juan vazquez, Monica Sojeong Hong | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in Winamp 5.55. The flaw exists in the gen_ff.dll and occurs while parsing a specially crafted MAKI file, where memmove is used with in a insecure way with user controlled data. To exploit the vulnerability the attacker must convince the attacker to install the generated mcvcore.maki file in the "scripts" directory of the default "Bento" skin, or generate a new skin using the crafted mcvcore.maki file. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow
systems | windows
advisories | CVE-2009-1831, OSVDB-54902
SHA-256 | 5adb71bf40d8f22c0a8d648e7bf1a6e8306425ec34b9602f5ae6bdf26e12970b
Secunia Security Advisory 50523
Posted Sep 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ColdFusion, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | f3071207e7f8e86e85d6f2836a32c0cc0b5f4b33bce46970540f89454d37d3f9
Secunia Security Advisory 50511
Posted Sep 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Reaction Information Security has discovered a vulnerability in the Download Monitor plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 12303c97b0425864a9e60b3c2c40d0491533bad148beb92d0cf2f8161f04cfba
Secunia Security Advisory 50463
Posted Sep 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Visual Studio Team Foundation Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 21f35933183e0919284e7319ce1384c80b84a5bf9f19906551110896554a5825
Secunia Security Advisory 50497
Posted Sep 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in System Center Configuration Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 34c5a266f839f4c1566b598db39d95e8d5b5f2b2bcebb64f00598909c6547a97
ANTEMENE SQL Injection
Posted Sep 11, 2012
Authored by TUNISIAN CYBER

ANTEMENE suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | c3e7b70af7b0947686b188fd14292ff4d33683e0fceaedbbd8ac149bee6b305e
FBDj Stats SQL Injection
Posted Sep 11, 2012
Authored by TUNISIAN CYBER

FBDj Stats suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 861a7c32cf329f736c93f97b2e4990dc1dc0bb799232aff5a7865a1c87005cc7
Secunia Security Advisory 50564
Posted Sep 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for gimp. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 7a0165da3bb779e6447f8a361eb19ce169d01c886e018f048150cf7031604480
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close