the original cloud security
Showing 1 - 25 of 27 RSS Feed

Files Date: 2013-01-29

DataLife Engine 9.7 PHP Code Injection
Posted Jan 29, 2013
Authored by EgiX | Site karmainsecurity.com

DataLife Engine version 9.7 suffers from a PHP code injection vulnerability in preview.php.

tags | exploit, php
advisories | CVE-2013-1412
MD5 | f3566f00eb931f00709a388593af300f
PFsense UTM Platform 2.0.1 XSS / CSRF
Posted Jan 29, 2013
Authored by Dimitris Strevinas

PFsense UTM Platform version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 8d065c06d359f38b0740a398bfa11e6a
Apple QuickTime Player 7.7.3 Out Of Bounds
Posted Jan 29, 2013
Authored by Debasish Mandal

Apple QuickTime Player Windows version 7.7.3 suffers from an out of bounds read vulnerability.

tags | exploit
systems | windows, apple
MD5 | 41eca8b72543bfc14e33ba42cb3da7b0
Ruby on Rails JSON Processor YAML Deserialization Code Execution
Posted Jan 29, 2013
Authored by egypt, lian, jjarmoc | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the JSON request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a remote object, which in turn can be used to execute any ruby code remotely in the context of the application. This vulnerability is very similar to CVE-2013-0156. This Metasploit module has been tested successfully on RoR 3.0.9, 3.0.19, and 2.3.15. The technique used by this module requires the target to be running a fairly recent version of Ruby 1.9 (since 2011 or so). Applications using Ruby 1.8 may still be exploitable using the init_with() method, but this has not been demonstrated.

tags | exploit, remote, code execution, ruby
advisories | CVE-2013-0333
MD5 | a94c8b488a79ce550781a982eed5d4a2
Adobe Reader XI Heap Overflow
Posted Jan 29, 2013
Authored by Nisso Kalim

Adobe Reader XI versions 11.x suffers from a heap overflow vulnerability.

tags | advisory, overflow
MD5 | 3e5afa36b4cc53e2d31c9f1299427e96
Secunia Security Advisory 51938
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, ruby
MD5 | eec7e0bd3bc57a042e9e295468c4b30d
Secunia Security Advisory 51993
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libav. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | fdd6b31d51fbb657755e8ac0faa43ee5
Secunia Security Advisory 52004
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apple has acknowledged a vulnerability in Apple TV, which can be exploited by malicious people to compromise a user's device.

tags | advisory
systems | apple
MD5 | d0a3c3d9d865c11797662e5ff21e39e1
Secunia Security Advisory 52002
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device.

tags | advisory, vulnerability, xss
systems | cisco, apple
MD5 | 8d3f7b94b2b8ef79feca32126390dd54
Secunia Security Advisory 51975
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
MD5 | 3c874c3d0cec7e31f9c4b69befdda028
Secunia Security Advisory 52003
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in libvirt, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
MD5 | 63740a008b0f2a40cf99f0df42bb385f
Secunia Security Advisory 51999
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rubygem-activesupport. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 0280547eb8184c7befcd2c37e2bb0b23
Secunia Security Advisory 51991
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ffmpeg. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | 8c4614779c9493937ade1707f6899f3a
Secunia Security Advisory 51980
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Symfony, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 5efd6b89cfa6fd27671986f099442833
Secunia Security Advisory 51989
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco, osx
MD5 | 70d9021635a28adadb28a1b6d5651d92
Secunia Security Advisory 51927
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Junaid Hussain has discovered a vulnerability in the SolveMedia plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | b6abe19451d1920e07a791544e37a6d1
Secunia Security Advisory 51982
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libssh. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | b116811fc0c51d745b176808baaab1d4
Secunia Security Advisory 52006
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere Message Broker, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 193586ea937ee94cc00e3cf15bcf97c4
Secunia Security Advisory 52001
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 5cfaffbf6772377969aa701659b57b36
Secunia Security Advisory 52009
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Directory Integrator, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 932f7362cf45ed4739fa5c769e737b47
Secunia Security Advisory 51949
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rapid7 has reported two vulnerabilities in Portable UPnP SDK, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
MD5 | d54c00cf50f308647723a2fe137a4d58
Red Hat Security Advisory 2013-0202-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0202-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.

tags | advisory, remote, web, arbitrary, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0333
MD5 | 023e1a1ca2d6500857b032668d550ee6
Red Hat Security Advisory 2013-0201-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0201-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.

tags | advisory, remote, web, arbitrary, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0333
MD5 | bb24b68bdbc6a1947f704d4eebca6ff1
Red Hat Security Advisory 2013-0199-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0199-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in the way libvirtd handled connection cleanup under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-0170
MD5 | 975bce6c1ee846a57f9415d11287bdea
Ubuntu Security Notice USN-1707-1
Posted Jan 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1707-1 - Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0176
MD5 | a58a0c1bd0d85c5a22ed3a7ac55f952d
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close