This Metasploit module exploits a use-after-free vulnerability in Microsoft Internet Explorer where a CParaElement node is released but a reference is still kept in CDoc. This memory is reused when a CDoc relayout is performed.
c34a481f2b8be1ac2f3b8a01e8ab562889bd7cdb4f5c7a2ba7fee1e09d0c1f5b
Rix4Web Portal suffers from a remote SQL injection vulnerability.
21a5c60f31cc971ba72b095390c902fc6403d9885ffdc35709a60522a7c84a89
Photodex ProShow Producer version 5.0.3297 suffers from an insecure library loading vulnerability. Proof of concept code included.
37042fd4c529e3d7db8443fd5e77c902abe947c3615533a5f6e2701744019f79
IPMap version 2.5 suffers from remote shell upload vulnerabilities.
4ea9f2c5a1e983bec5d9a1f80b38b56539c742b02f0aebdb0efe644b9791b52f
Kayako Fusion version 4.51.1891 suffers from multiple cross site scripting vulnerabilities.
e5a1b421f1331b506120588b7077a7a1b08b387f3bfb66b50b518984683e378b
Onapsis Security Advisory - Abuse of the SAP SMD agent unauthenticated interface will allow a remote attacker to install an arbitrary application and achieve a full compromise of the SMD agent and the SAP instances installed on the server.
36b9779f3920be11724a516d2b460f2187a417205eb2607fd3dedbdb7e5e7b94
Onapsis Security Advisory - The SAP CCMS agent is built as an RFC external server, exposing several RFC functions. One of these functions allows a remote unauthenticated user to execute arbitrary commands which are executed with SIDADM privileges (the highest possible in the SAP world).
dd361885dbd5c02f12bfddbe6e1861c6ae6081f3fcfc5fdbadf9827a88d812e1
Team SHATTER Security Advisory - Some parameters of /em/console/database/instance/rsrcpln in Oracle Enterprise Manager Resource Manager are vulnerable to SQL injection attacks. Versions affected include Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3.
3e0451015ffc224ce11f7401a2782d3c1356e250ea3e9faa7ee1dcc8a739b25b
Team SHATTER Security Advisory - It appears that /em/console/database/dist/advRepl/advReplicationAdmin in Oracle Enterprise Manager suffers from multiple cross site scripting vulnerabilities. Versions affected include Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3.
2792aa7ae5419664ab0b71553d18effc0c29b4e0fc48bb1b6aed69cf14d1a326