This paper describes a pre-auth server-side NULL pointer dereference vulnerability in Call Of Duty: Modern Warfare 3, which is due to an issue related to the DemonWare6 query packets. This vulnerability can be exploited to perform Denial of Service (DoS) attacks against game servers.
1db66d6df1c094eebc40c0809e56c80069be073ae8a823feafea42632a3104daMYREphp Business Directory suffers from cross site scripting and remote SQL injection vulnerabilities.
70cd134c606c7842572913c8c656a1d3cc1d019a4b524b4cadff9d468705d834MYREphp Vacation Rental suffers from cross site scripting and remote SQL injection vulnerabilities.
9bccf8f7c5e08e2baf602e08cb0c1a1e04e78dad4bb5f371893e40e7a2a40d03An overflow error occurs in GroupWise Internet Agent (gwia.exe) when the LDAP service process receives an overly long BIND Request. Successful exploitation may allow execution of arbitrary code. Versions 8.0.2 HP3 and 2012 are affected. Proof of concept code included.
98eedb4ebf1ead9211c4ee8e6803edef89885b9d7e3884dac106b273c25e0aa7Red Hat Security Advisory 2012-1462-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server.
5f398683edce7f8a999f522eb98482c0dae03eec8c5dde0cb44a10f92d46f1a2Red Hat Security Advisory 2012-1461-01 - libproxy is a library that handles all the details of proxy configuration. A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy instructed the use of a PAC proxy configuration. This issue was discovered by the Red Hat Security Response Team.
5c7f16dcfba2cf4f5658219235c4db10c46995052fe4628b13d2eb4b3926396aUser Read-only is a module that allows an administrator to prevent modification of user account/profile fields. The administrator can select which fields will allow or disallow editing. The module can mistakenly assign roles when performing unrelated operations against a user's account such as changing a password. The vulnerability is particular to certain combinations of configuration and the number of roles available on the site (more than 3). Versions 6.x and 7.x are affected.
b3749a2a23d2b7fd7294c23b8dd2d592e5e18f599d2de3409510bb3d095036e0Hakin 9's site at hakin9.org suffers from a reflective cross site scripting vulnerability.
602acb060b692832543b8ccb757cf8167a9aa76366afe8f80834c55dd3bdc93cSecunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the WP-Filebase Download Manager plugin for WordPress.
0fbaa963c0145bc98e102fbe7520a09a607ae1a2b5275015ac9512011dd49525Secunia Security Advisory - A security issue and multiple vulnerabilities have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting and script insertion attacks.
60968149970364fe5ad11c1e8d0a92765ca7f45cf076c386c2a406b15faa832eSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere Real Time, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
8f37f85ef7365c28e2659655aace9ff49e9367c549f39d65d1ff64fb739e7601Secunia Security Advisory - Vulnerability Lab has reported two vulnerabilities in ManageEngine Exchange Reporter Plus, which can be exploited by malicious people to conduct cross-site scripting attacks.
bbb45041e019a4a80ac77bd3f6687a244563ede9627c579f935e4275d5abf94aSecunia Security Advisory - Zhao Liang has discovered a vulnerability in the DX-Contribute plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.
64bd625181399c48e42421fa8bb05dc3f4a9cebfc070dea8061f0e386881ea16Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
125080725cdf7737d0918e4e855d34ba11fd36b7c28a18b1df6a953cfed99ccaSecunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Amazon Associate plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
7ce8279549ae25493b3cd4282fc4fcc1dfeac3a15af6b98f3768a47b8353b56bSecunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported in Moodle.
57363d43d03cf581db9e433ce93588ac3b92e04f729df42c4af88913479684b7Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
133a84caa9b8b2c0a952a9081e51e7a3997f2d88442b7837a0d61e0787fb8242Secunia Security Advisory - A vulnerability has been discovered in the NextGEN Gallery plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
f79c302642a91faab5f9dc73a42dd5b54bc090f7571cc9db4adbf7b6676a8330Secunia Security Advisory - Vulnerability lab has reported multiple vulnerabilities in idev-Rentals, which can be exploited by malicious users to conduct script insertion attacks.
0a80ad8c5f21b168247ab3b3c0f4849c1351d8037624a1b67974cdda0c178b05Secunia Security Advisory - A vulnerability has been discovered in the Advanced Custom Fields plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
0dc083b1957d752853453fe66877998ca95d5dd5fd0e1d19a44316a7ef9aaf0eSecunia Security Advisory - ERPScan has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
f87af42cf87954cc53be807cac8cea266cce8c62f640783f081e82fb87a693ccSecunia Security Advisory - Charlie Eriksen has discovered two vulnerabilities in the Buddystream plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
6e6f7f662eea6f8316dc2954e4a3832b3b87a5787b0e0232a27ea9b52d3dea35OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
a595ccb79a807db713d0364b4ad6f158655353dbf3a3bacfe284daa53d506232afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
d848542c2832eaa78bdd6919fdbd7f4f023b16fb5bd5f2d82d6e273f19097ba1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed