Showing 1 - 25 of 31

Files Date: 2012-10-04

JPEGsnoop 1.5.2 Code Execution
Posted Oct 4, 2012
Authored by Jean Pereira

JPEGsnoop version 1.5.2 suffers from a WriteAV arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | a106a4b486db7909dcbee3661ab4941a5788b191b8246f580eb52671715d140f
Ogg DirectShow Vulnerable Libraries
Posted Oct 4, 2012
Authored by Stefan Kanthak

Ogg DirectShow filters are distributed and installed with vulnerable MSVC++ 2008 runtime libraries.

tags | advisory
SHA-256 | b06efefa49fe4a839ba260c3501c2c5e9f23dfff7b6ac56b0a3f398118641d05
phpMyChat Plus 1.94 RC1 LFI / XSS / RFI / SQL Injection
Posted Oct 4, 2012
Authored by L0n3ly-H34rT

phpMyChat Plus version 1.94 RC1 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xss, sql injection, file inclusion
SHA-256 | d9626844cb02819f221ed1ea5a274e573e77484d4acae3b0ffe3b8d801141449
Cyme ChartFX Client Server Array Indexing
Posted Oct 4, 2012
Authored by Francis Provencher

Cyme ChartFX client server suffers from a vulnerability caused by an indexing error in the "ShowPropertiesDialog()" method (ChartFX.ClientServer.Core.dll) of the ChartFX ActiveX Control. This can be exploited to write a single byte value to an arbitrary memory location via the "pageNumber" parameter. Successful exploitation may allow execution of arbitrary code.

tags | exploit, arbitrary, activex
SHA-256 | 5710bd2cdef00b1beebd3eb5db71e3e75a63f51295473d4c9d8eb9549ef60db6
Secunia Security Advisory 50861
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in HP Network Node Manager i, which can be exploited by malicious people to disclose certain sensitive information.

tags | advisory
SHA-256 | 1dced3b4b67d49f7c69eb9653866e06e0882bdae852c5840da317437e685ef78
Secunia Security Advisory 50865
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ibrahim M. El-Sayed has reported some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 441cc0588db4e3e28728d30db8fed8ef8cc78fff52f613c94a7a398326ffaa2a
Secunia Security Advisory 50859
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apple OS X Server, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability
systems | apple, osx
SHA-256 | 6f9f37fcf8c287dfc0efdbddef018fb6120447ed6a2f762614c9671d8f041911
Secunia Security Advisory 50802
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Commerce extra panes module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 0547df3ce7b43b0a02c636f1ee08502a4437ae3f0e96099780494ae0dd0f854b
Secunia Security Advisory 50792
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ibrahim El-Sayed has reported two vulnerabilities in Omnistar Mailer, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 5c4d95a255f82315fd6b89a2a0139a31e28ede841c78ed47a37af8b9c763d71a
Secunia Security Advisory 50852
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - McAfee has acknowledged a vulnerability in McAfee Firewall Enterprise, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 261c15f53198d9718eea56e6516ff1d037383ce45eabf22bcf7ac18fa1a07919
Secunia Security Advisory 50803
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge has discovered two vulnerabilities in Template CMS, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | fbba16a8bba496a81219c8c7c6f6d1305146049374000f15d826abda28783c84
Secunia Security Advisory 50841
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the MijoFTP component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | c5d2f5d88ab96c45973a851df2f6c46cfa1c84766d2fe225b79a5e3f7fae8f00
Secunia Security Advisory 50863
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Operations Network. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | bef65c8219ccbe6941009492eba8b7d28c51b66930ead160a4e6e9bb378d1d7a
Secunia Security Advisory 50825
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Reaction Information Security has discovered a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 07738acdfdc3dd5f6bcea902bfa1fdd4e07607e6b9bd68c1a01d87002fb1fdc3
Secunia Security Advisory 50846
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | 2a9d819cb88d74ec9e0ba8c303d461aa11f2ef57ec533119ce890fa2df0a6bf8
Secunia Security Advisory 50790
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Linux Kernel, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | 776c9cd0da49fd97fab27ebf8c3ec4f9859cd0019828321634cd732913fd32ae
Secunia Security Advisory 50812
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in Spider Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | da85f412d5fc6bdb16e226f45256c0f0b60a5cbb258d24c75dacd3aa531ee5a0
Secunia Security Advisory 50799
Posted Oct 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Scott Herbert has discovered a vulnerability in Zenphoto, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2ebf189822f6dd50256e8429d05cbb0218aa8f751c8a2281364984a2a0e83f64
InduSoft Web Studio Arbitrary Upload Remote Code Execution
Posted Oct 4, 2012
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and authorization on the InduSoft Web Studio Remote Agent that allows a remote attacker to write arbitrary files to the filesystem by abusing the functions provided by the software. The module uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of InduSoft Web Studio on Windows pre Vista. It has been successfully tested on InduSoft Web Studio 6.1 SP6 over Windows XP SP3 and Windows 2003 SP2.

tags | exploit, remote, web, arbitrary
systems | windows
advisories | CVE-2011-4051, OSVDB-77179
SHA-256 | 3fdafb054398a32fb8b23fd92f9caabbc9e00bce705897aaeb32c9f0b57d9a2a
RFIDIOt Python Library For RFID Readers 1.0d
Posted Oct 4, 2012
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

Changes: Detection of more ACS readers and a bug fix.
tags | tool, python, wireless
systems | linux
SHA-256 | 09c73cb29fda1b5a15f58a65deceecfdca1eeff82b18873bdec2879f8aacc9a2
HP Security Bulletin HPSBMU02817 SSRT100950
Posted Oct 4, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02817 SSRT100950 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, hpux
advisories | CVE-2012-3267
SHA-256 | e9d4821f4ceaf1020b29d4d16d5b74369c66f4c26aeda5c8fae454140856e46c
WordPress Remote Command Execution
Posted Oct 4, 2012
Authored by Nafsh

WordPress may suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 3ddeffcccbff53b5e13af69c322ebfd90f4169d91e4e3de98ef09a1c11e26077
Oracle Identity Management 10g Cross Site Scripting
Posted Oct 4, 2012
Authored by LiquidWorm | Site zeroscience.mk

Oracle Identity Management suffers from a reflected cross site scripting POST injection vulnerability when parsing user input to the 'username' parameter via the POST method through the '/usermanagement/forgotpassword/index.jsp' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. Version 10.1.4.0.1 is affected.

tags | exploit, arbitrary, xss
SHA-256 | 11ad165297c46531c1bd989c2c880dd5e46fce591848aa84984ee7c5353bca88
Mandriva Linux Security Advisory 2012-159
Posted Oct 4, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-159 - Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long not after timestamp in a client certificate. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-3547
SHA-256 | 4bd0e5c1e1f4bac97382e07b834a7234e367cc73c4575ca442fe2b2cdbffc204
Mandriva Linux Security Advisory 2012-158
Posted Oct 4, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-158 - Multiple integer overflows in the calloc functions in malloc.c, and the GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected. The updated packages have been patched to correct this issue.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-2673
SHA-256 | 88b0f00c58533372ad08311ae93c93dc5a627ff295fd192460b3e451c48ae741