exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2012-12-21

Zero Day Initiative Advisory 12-192
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles consecutive calls to insertRow. When the number of rows reaches a certain threshold the program fails to correctly relocate certain key objects. This can lead to a use-after-free vulnerability which can result in remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1880
SHA-256 | 99ea9322e505dba8036dea8d3150e9f23d91823239f879e3477401f033570694
Zero Day Initiative Advisory 12-191
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3071
SHA-256 | f8ad76efb6dc7c54fabe36b22f6cc735fa61cf7900c7f5472118ee228b4bde4a
Zero Day Initiative Advisory 12-190
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-190 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the 'onpropertychange' user callback function for the document.title. If the function changes the document in the callback function by using, for example, a document.write call, this can result in a use-after-free vulnerability. This can lead to remote code execution under the context of the program.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1877
SHA-256 | 4c3c7f5e3250c7b1484ca7357cdefae51d7f8acc72681ad5fc5ebe3a648e80a8
Zero Day Initiative Advisory 12-189
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-189 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because it is possible to change system properties through trusted JNLP files. If a JNLP file requests "<all-permissions/>" and only references signed, trusted JAR files, it can set all System properties. By referencing a trusted JNLP file from an untrusted one it is possible to change System Properties that can lead to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1721
SHA-256 | 383be539a89377bb33d31a0643c657adf0d7f528c7698591adb195378615975a
Zero Day Initiative Advisory 12-188
Posted Dec 21, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-188 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles 'onrowsinserted' callback functions for certain elements. It is possible to alter the document DOM tree in a onrowsinserted callback function which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-1881
SHA-256 | 4b7933dcb49833c0949097d659101dd0e863d974583fd5392687c7c88066b9f7
YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials
Posted Dec 21, 2012
Authored by xistence

YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
SHA-256 | 874405777edd847f163325edf73c03b42d16a9c2dc18c2eda37f745725d199aa
4psa VoipNow 2.x Remote Command Execution
Posted Dec 21, 2012
Authored by i-Hmx

4psa VoipNow versions prior to 2.3 suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 9889092cc05ca0c360d1c888ac5dd274723646a753d62f1ba64b7fd58a84be33
WordPress BuddyPress Cross Site Scripting / Content Spoofing
Posted Dec 21, 2012
Authored by MustLive

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
SHA-256 | a2a973b41ca8cc4e4212a323806b5d414908948989341121167117923b861155
Samhain File Integrity Checker 3.0.9
Posted Dec 21, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 0a8f79dd910061668fd70cded939a4043e9b5ebd3ae835ceba6e01e93f6bb254
Secunia Security Advisory 51635
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Virtuemart 2 Multiple Customfields Filter module for Joomla!

tags | advisory
SHA-256 | 1f2f86cc7dd38374e660a91c9bab2e7ae524104c5fd8d9e4ed32d60a3fb051fd
Secunia Security Advisory 51628
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in SIMATIC S7-1200, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | efa3398294a94b764a641aed45c01054679866f02d9de917b329d30814314a9a
Secunia Security Advisory 46859
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in VMware vCenter Server Appliance, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory, vulnerability
SHA-256 | 48ab80274f8c8be01aa9de300b3d0bc0ba3a98744acfb7aa04de91011ed16931
Secunia Security Advisory 51320
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in CA IdentityMinder, which can be exploited by malicious people to bypass certain security restrictions, manipulate certain data or compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | d195a43f8ceb69feaea4c7c1a2b22d8e83dd277e7cb535597ab85a889b932b55
Secunia Security Advisory 51653
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse MQ Enterprise. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 1716bc25403178b74f82d9199e136292927fc3b5fc01f4254c7633171ef51871
Secunia Security Advisory 51659
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse ESB Enterprise. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | fa3828a1ae7af04e9c9b155cd959d242a74e776b45a1375f6ada773d54f89f25
Secunia Security Advisory 51557
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Foreman, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 504ee87cd39eb127d96eb9afdb6ba23e699c000cf312100113f1cae5c335f7bd
Secunia Security Advisory 51658
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Fuse Management Console. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 9888a3391b252f1bf92997b92a5e7875b4724b4c8735166b55f20113389d1089
Secunia Security Advisory 51555
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESXi, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious users to compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
SHA-256 | fafedf99ade33f0142e5cdf4abea711b8e2504fdae6fc9e7f6bfc6633ffccf0d
Secunia Security Advisory 51604
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for BIND in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | hpux
SHA-256 | 3bd9f64b063c56ab7e18ddee1a19fa289046ae5c18daec47ce77e7e1a746714c
Secunia Security Advisory 51582
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 139410dc76e1261023a8d170407ee4bb93e91eca990b7a62eefd4344d75ba787
Secunia Security Advisory 51537
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - temp66 has reported a vulnerability in Nagios, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 0f94f83e5eec7cd77951165161f7b35dcaf511d086ce9c6113ef8f147c2b8923
Secunia Security Advisory 51575
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a security issue and a vulnerability in Apache HTTP Server included in Solaris, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, local, xss
systems | solaris
SHA-256 | d662d4f52afd07357bec32434cf9750925bb144b01baf1a7d5f2e2def37e3fc7
Secunia Security Advisory 51618
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Java included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | solaris
SHA-256 | 59b1795a503898484b4689f79ff7c55361d0371fec7b2f882eb2cea549d88df0
Secunia Security Advisory 51550
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IronJacamar, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | c04a23c239c650fc1e88b4d3f037fc3047c4e6138671a9e9264d9a248c5b62eb
Secunia Security Advisory 51564
Posted Dec 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Quenlig, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | e6ea749254ddb3eb288d6da02d31501107d563227be84c7c00a46a5c8905cbf3
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close