
Files Date: 2012-10-24

Microsoft Internet Explorer OnMove Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "onMove" events, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
MD5 | dbb1bfa19ce857cbab3ec135761bcf20

Microsoft Internet Explorer "scrollIntoView" Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "scrollIntoView" events, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | exploit, remote, web, arbitrary
systems | windows
MD5 | 88d102b2449e1604440d9e12d3083784

VaM Shop 1.69 Cross Site Scripting / SQL Injection
Posted Oct 24, 2012
Authored by Security Effect

VaM Shop version 1.69 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 58d72b2d642f2c82c735b3bb809fbbc9

Microsoft Office Picture Manager 2010 Memory Corruption
Posted Oct 24, 2012
Authored by coolkaveh

Microsoft Office Picture Manager 2010 suffers from a memory corruption vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept
systems | windows
MD5 | ce9e7e4db833f644021256254862439a

Debian Security Advisory 2564-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2564-1 - gpernot discovered that Tinyproxy, an HTTP proxy, is vulnerable to a denial of service by remote attackers sending crafted request headers.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2012-3505
MD5 | f410cdd9cddf977f2b73007dbc485b2f

Debian Security Advisory 2563-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2563-1 - Several vulnerabilities were found in ViewVC, a web interface for CVS and Subversion repositories.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2009-5024, CVE-2012-3356, CVE-2012-3357, CVE-2012-4533
MD5 | 6296edbcd82061bfa699ee96be9b3191

Debian Security Advisory 2562-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2562-1 - cups-pk-helper, a PolicyKit helper to configure cups with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a cups resource, or overwriting specific files with the content of a cups resource. The user would have to explicitly approve the action.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4510
MD5 | 4bc0ba9bd30fdc950a25e5b6504a07d7

360-FAAR Firewall Analysis Audit And Repair 0.3.3
Posted Oct 24, 2012
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release adds nat capabilities to the Cisco ASA reader. 'static' nat IP IP NM and access-list statements are now added to the internal nats table and policy nat rules are identified. Some of the annoying "undefined" variable warnings have been resolved. Various other updates.
tags | tool, perl
systems | unix
MD5 | 8f172bbdc58dfd2dcb2bc49835b8a217

HP Security Bulletin HPSBHF02819 SSRT100920
Posted Oct 24, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02819 SSRT100920 - Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2012-3268
MD5 | 0915ce2a2c8d6d3094c4b8083307c8d2

Facing Facts - FCC Whitepaper
Posted Oct 24, 2012
Authored by FTC Staff | Site ftc.gov

Whitepaper called Facing Facts - Best Practices for Common Uses of Facial Recognition Technologies.

tags | paper
MD5 | 523e33e91c9c21574944447ffe249acb

Apple QuickTime Player 7.7.2 Crash
Posted Oct 24, 2012
Authored by coolkaveh

Apple QuickTime Player version 7.7.2 division by zero crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | apple
MD5 | bf1b225db954668046727e2dd7ef9774

Microsoft Office Word 2012 Stack Overflow
Posted Oct 24, 2012
Authored by coolkaveh

Microsoft Office Word 2010 stack overflow / resource exhaustion proof of concept crash exploit.

tags | exploit, overflow, proof of concept
systems | windows
MD5 | c2ca878a956ba63bed63e638ec2fe8ba

Debian Security Advisory 2565-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2565-1 - Multiple vulnerabilities have been discovered in Iceweasel, Debian's version of the Mozilla Firefox web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2012-3982, CVE-2012-3986, CVE-2012-3990, CVE-2012-3991, CVE-2012-4179, CVE-2012-4180, CVE-2012-4182, CVE-2012-4186, CVE-2012-4188
MD5 | 7349ebaa10bd737230ba26d6beaacfa6

Ubuntu Security Notice USN-1615-1
Posted Oct 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1615-1 - It was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. This issue only affected Ubuntu 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, local, python
systems | linux, ubuntu
advisories | CVE-2011-4944, CVE-2012-0845, CVE-2012-1150, CVE-2012-2135
MD5 | a4f36fce7fd68ed4bdffd995a04733ba

Red Hat Security Advisory 2012-1401-01
Posted Oct 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1401-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2012-3412
MD5 | d6ae1be775c7919eebf61692ffe0a7d7

© 2020 Packet Storm. All rights reserved.