exploit the possibilities
Showing 1 - 25 of 40 RSS Feed

Files Date: 2012-11-20

Red Hat Security Advisory 2012-1482-01
Posted Nov 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1482-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A buffer overflow flaw was found in the way Firefox handled GIF images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4201, CVE-2012-4202, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5841, CVE-2012-5842
MD5 | 9ad344a5e6cecc86013df95120983154
Red Hat Security Advisory 2012-1483-01
Posted Nov 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1483-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A buffer overflow flaw was found in the way Thunderbird handled GIF images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4201, CVE-2012-4202, CVE-2012-4207, CVE-2012-4209, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5841, CVE-2012-5842
MD5 | e6e2a581e312b096e55fe25c42aa639a
Red Hat Security Advisory 2012-1481-01
Posted Nov 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-2313
MD5 | 2b362c15a6012869f47613806a5222c4
Adobe Reader 10.1.4 Memory Corruption
Posted Nov 20, 2012
Authored by coolkaveh

Adobe Reader version 10.1.4 suffers from a WriteAV memory corruption vulnerability.

tags | exploit
systems | linux
MD5 | e7440dadaa5d48ee1b93787459752665
WordPress Facebook Survey SQL Injection
Posted Nov 20, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

WordPress Facebook Survey third party plugin version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 14cf79e97b97ce33996d318f57b41f3d
TP-LINK TL-WR841N 3.13.9 Cross Site Scripting
Posted Nov 20, 2012
Authored by Matan Azugi

TP-LINK TL-WR841N versions 3.13.9 Build 120201 Rel.54965n and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-6316
MD5 | d8fc78be58ec4880040846eaa1c11862
Webthinkers Cross Site Scripting / SQL Injection
Posted Nov 20, 2012
Authored by Ur0b0r0x

Sites designed by Webthinkers suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 83274e440c7cc206619f8ee849440ba0
Diseno Internet Cross Site Scripting / SQL Injection
Posted Nov 20, 2012
Authored by Ur0b0r0x

Sites design by Diseno Internet Chile suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 750b8a097e20de72ec54959d977c4662
Base Solida Cross Site Scripting / SQL Injection
Posted Nov 20, 2012
Authored by Ur0b0r0x

Sites design by Base Solida suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | d4fa53f24c8af5bd2560b0a55580e0db
SonicWALL CDP 5040 6.x Cross Site Scripting
Posted Nov 20, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SonicWALL CDP 5040 version 6.x suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | fd4ac6ab3ab19e1786406ff9cb09c32c
WordPress FireStorm Real Estate 2.06.08 SQL Injection
Posted Nov 20, 2012
Authored by B00B5

WordPress FireStorm Real Estate third party plugin version 2.06.08 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 00c61d408fa92142aa2b8a4b18e58c18
Apple QuickTime 7.7.2 Buffer Overflow
Posted Nov 20, 2012
Authored by Senator of Pirates

Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.

tags | exploit, overflow
systems | linux, apple
advisories | CVE-2012-3755
MD5 | 51f56b54b835a34829b063a182ff0806
FormatFactory 3.0.1 Buffer Overflow
Posted Nov 20, 2012
Authored by Julien Ahrens

FormatFactory versions 3.0.1 and below suffer from a profile file handling buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 6d4816b16c9b7258503608b50464682c
Penske Media Corporation Cross Site Scripting
Posted Nov 20, 2012
Authored by Janne Ahlberg

Various Penske Media Corporation sites such as variety.com, la411.com, newyork411.com, and deadline.com all suffer from reflective cross site scripting vulnerabilities. Note that this finding houses site-specific data. Editor's note 01/04/2013: Per the advisory author, the issues have been resolved in all sites listed and Penske Media have addressed the issue.

tags | exploit, vulnerability, xss
MD5 | d40c218999b62a9c8d04b9c051081ec7
HP Security Bulletin HPSBHF02821 SSRT100934
Posted Nov 20, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02821 SSRT100934 - A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4. The vulnerability could be remotely exploited resulting in a disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2012-3271
MD5 | 6e94f7dc526b77fc221a4f71bb9f7050
Ubuntu Security Notice USN-1632-2
Posted Nov 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1632-2 - USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Various other issues were also addressed.

tags | advisory, web, arbitrary
systems | linux, ubuntu
MD5 | a03d72050187a7058002aa8235673cb2
Ubuntu Security Notice USN-1634-1
Posted Nov 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1634-1 - Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. It was discovered that Python Keyring created keyring files with insecure permissions. A local attacker could use this issue to access keyring files belonging to other users. Various other issues were also addressed.

tags | advisory, local, python
systems | linux, ubuntu
advisories | CVE-2012-4571, CVE-2012-4571
MD5 | b217ada3ab3a4f3bb1f6a95cd70cd4f1
PHP Secure Communications Library 0.3.1
Posted Nov 20, 2012
Authored by Jim Wigginton | Site phpseclib.sourceforge.net

PHP Secure Communications Library is a set of pure PHP implementations of DES, 3DES, RC4, Rijndael, AES, RSA (PKCS#1 compliant [v2.1]), SSH-1, SSH-2, and SFTP.

Changes: This release added Net_SSH2::enableQuietMode() for suppressing stderr, added Crypt_RSA::__toString() and Crypt_RSA::getSize(), fixes problems with File_X509::validateDate(), File_X509::sign(), and Crypt_RSA::verify(), uses OpenSSL to speed up modular exponentiation in Math_BigInteger, improves timeout functionality in Net_SSH2, adds support for SFTPv2, and adds support for CRLs in File_X509. SSH-2.0-SSH doesn't implement hmac-*-96 correctly.
tags | php, library
MD5 | 75c87f78bcdf6a549c3aea09779e16c7
WordPress Madebymilk SQL Injection
Posted Nov 20, 2012
Authored by Ashiyane Digital Security Team

WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0f30626e26474181469acd1103319958
WordPress Dailyedition-mouss SQL Injection
Posted Nov 20, 2012
Authored by Ashiyane Digital Security Team

WordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | cea6f2d3689d743cb2f8176b0ad6d6ff
MODx 1.0.6 Brute Force / Path Disclosure
Posted Nov 20, 2012
Authored by MustLive

MODx versions 1.0.6 and below suffer from brute force and path disclosure vulnerabilities.

tags | advisory, cracker, vulnerability, info disclosure
MD5 | 5b561ac137ac4b8eb356ed90fdb76c15
Secunia Security Advisory 51331
Posted Nov 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and a vulnerability have been reported in Opera, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory
MD5 | 50e420928e12bcc303f7f859b95f4b27
Secunia Security Advisory 51286
Posted Nov 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ATutor, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
MD5 | 51d8bebb5f2dff8d61592cec76b81776
Secunia Security Advisory 51281
Posted Nov 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM WebSphere Portal.

tags | advisory
MD5 | 44a05f410e78ca81b365b7f71737728d
Secunia Security Advisory 51293
Posted Nov 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SEC Consult has reported a vulnerability in dotDefender, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 8862e362d71d60f029539f47404fa0fd
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close