all things security
Showing 1 - 25 of 44 RSS Feed

Files Date: 2012-12-21

Zero Day Initiative Advisory 12-192
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles consecutive calls to insertRow. When the number of rows reaches a certain threshold the program fails to correctly relocate certain key objects. This can lead to a use-after-free vulnerability which can result in remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1880
MD5 | 39370c6e23c5e71e38df2b098ae63d90
Zero Day Initiative Advisory 12-191
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3071
MD5 | 3485cc0a5ada64fd70e0b8de1ff12689
Zero Day Initiative Advisory 12-190
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-190 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the 'onpropertychange' user callback function for the document.title. If the function changes the document in the callback function by using, for example, a document.write call, this can result in a use-after-free vulnerability. This can lead to remote code execution under the context of the program.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1877
MD5 | d48081cc95ac51cd48028c39fb2ca517
Zero Day Initiative Advisory 12-189
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-189 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because it is possible to change system properties through trusted JNLP files. If a JNLP file requests "<all-permissions/>" and only references signed, trusted JAR files, it can set all System properties. By referencing a trusted JNLP file from an untrusted one it is possible to change System Properties that can lead to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1721
MD5 | 7ed067d5563825d7281f23012634b96f
Zero Day Initiative Advisory 12-188
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-188 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles 'onrowsinserted' callback functions for certain elements. It is possible to alter the document DOM tree in a onrowsinserted callback function which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1881
MD5 | c792d301ec64c4eea1671788ba504ac1
YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials
Posted Dec 21, 2012
Authored by xistence

YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
MD5 | 351bbea8ba597d64b1915caf9c09ccb8
4psa VoipNow 2.x Remote Command Execution
Posted Dec 21, 2012
Authored by i-Hmx

4psa VoipNow versions prior to 2.3 suffer from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 84ade909d47213d3acbb88dc99c158df
WordPress BuddyPress Cross Site Scripting / Content Spoofing
Posted Dec 21, 2012
Authored by MustLive

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | f14318f875115e478d4d8c8f3fa31a13
Samhain File Integrity Checker 3.0.9
Posted Dec 21, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | d43e3b3d833c11ab3aa5fad3a596e114
Secunia Security Advisory 51635
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Virtuemart 2 Multiple Customfields Filter module for Joomla!

tags | advisory
MD5 | 365848b853a478ded0644c9aae0bc920
Secunia Security Advisory 51628
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in SIMATIC S7-1200, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | b1ecb2fb094133d958979154791280a0
Secunia Security Advisory 46859
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in VMware vCenter Server Appliance, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory, vulnerability
MD5 | 7d0b0084d83e98c2d5c6f5bd44f57548
Secunia Security Advisory 51320
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in CA IdentityMinder, which can be exploited by malicious people to bypass certain security restrictions, manipulate certain data or compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | e2b83e09bb682c7e61200b0daff34c4e
Secunia Security Advisory 51653
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse MQ Enterprise. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
MD5 | b61dc9c3c0206d69ea96958435a94272
Secunia Security Advisory 51659
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse ESB Enterprise. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
MD5 | a95b282adcd0b44e5c210a8bf54c88e4
Secunia Security Advisory 51557
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Foreman, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | d05e9d081e015d9fc3a3304792d84cc9
Secunia Security Advisory 51658
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse Management Console. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
MD5 | de1c15390be133f66e8b861b81036cb3
Secunia Security Advisory 51555
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESXi, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious users to compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | 992e31473b4011b1a623f35fd10b1654
Secunia Security Advisory 51604
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for BIND in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | hpux
MD5 | ca519f6c64ce03274748446fad1c17a7
Secunia Security Advisory 51582
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 5dc5bbcef92e03aec9e5059a94196c25
Secunia Security Advisory 51537
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - temp66 has reported a vulnerability in Nagios, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 064b12c96e807986bcaca12f655c4ff0
Secunia Security Advisory 51575
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a security issue and a vulnerability in Apache HTTP Server included in Solaris, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, local, xss
systems | solaris
MD5 | cf7d738a86009243c2bdb5b9d2b64ff3
Secunia Security Advisory 51618
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Java included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | solaris
MD5 | 4765b92b5a953a56d03ed845c47281bc
Secunia Security Advisory 51550
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IronJacamar, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 376a8adceeda3c3f48fb09fb626ff9c0
Secunia Security Advisory 51564
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Quenlig, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | f27b2da463ae43d55e0250d3e7751f1e
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close