HP Security Bulletin HPSBST02890 3 - A potential security vulnerability has been identified with HP StoreOnce D2D Backup System. The vulnerability could be exploited remotely resulting in unauthorized access, modification, and escalation of privilege. Please note that this issue does not affect HP StoreOnce Backup systems that are running software version 3.0.0 or newer. Devices running software version 3.0.0 or newer do not have an HPSupport user account with a pre-set password configured. Revision 3 of this advisory.
422b3375eb717c521ae8728e85ffcb04eb02f34f89ad0731bdbeff7ba22d3908
ZedLog is a robust cross-platform input logging tool (or key logger). It is based on a flexible data logging system which makes it easy to get the required data. It captures all keyboard and mouse events, has a full GUI, and supports logging to a file and basic hiding.
0de4d2153f3495331a767eb87f5a3d42e7bd5e87d00251f505f42ba34c93e0a0
This Metasploit module exploits a buffer overflow in MediaCoder 0.8.22. The vulnerability occurs when adding an .m3u file, allowing arbitrary code execution under the context of the user. DEP bypass via ROP is supported on Windows 7, since MediaCoder runs with DEP. This Metasploit module has been tested successfully on MediaCoder 0.8.21.5539 to 0.8.22.5530 over Windows XP SP3 and Windows 7 SP0.
7d841ff629512953fde2ad0b9d42720ffd2fc843859e5ee5bfe58e990084b709
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 1.11 of Corel PDF Fusion. The vulnerability exists while handling an XPS file with long entry names. In order for the payload to be executed, an attacker must convince the target user to open a specially crafted XPS file with Corel PDF Fusion. By doing so, the attacker can execute arbitrary code as the target user.
916643fb975e5382aef5b8e8b08179bdf4cfd923b7b247577966efc132ea1fa0
BMC Service Desk Express (SDE) version 10.2.1.95 suffers from cross site scripting and remote SQL injection vulnerabilities.
74e4eb8d243a17c5340d032406938b29866d6db49d3fd71d6544cb957ed04e2e
McAfee ePO version 4.6.6 Build 176 suffers from cross site scripting and remote SQL injection vulnerabilities.
5bc2c2825a2b841fc950d28fa7e61d6b5aadf005eca175d8a43288f8aebc17b2
Serendipity version 1.6.2 suffers from multiple cross site scripting vulnerabilities.
481030d108ff5fb5beee22933c98925f5eef0b088e04471fe3ccaba9809718d3
Gentoo Linux Security Advisory 201307-1 - Multiple vulnerabilities have been found in HAProxy, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.24 are affected.
6fbe65c7f8c455d91fb9793263cbcd363c732b4b7cf6a52f71982d44d7efc8bb
MiniBB version 3.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
60efdb16bbc0c67a01ff8f726472ed1cccf342759ebc5a483ba9586b56560491
MintBoard version 0.3 suffers from cross site scripting vulnerabilities.
0174d84652ee11ebd0d8df03e6ea9c0f95630c6d3a8b6ca085db8d8d8df10b24
MediaCoder version 0.8.23.5530 SEH buffer overflow exploit that spawns calc.exe.
f9059da4b8565d2a2be053e35a764c75974e90bcf82f6ad60e76c537d880d579
Linksys WRT110 suffers from root shell command injection and cross site request forgery vulnerabilities.
850308c35db1a6b6413065eb09749bb1a66bb16d4e5f80c535788b446adada12
Ultra Mini HTTPd version 1.21 suffers from a stack buffer overflow vulnerability. This exploit binds a shell.
b39d7035823d90ebf298af86caffb2621a6df69d4546157dd8458dfb62f0ac9a
Camuflage is a short shell script that makes AES encryption/decryption operations with OpenSSL easier.
77a5d5c0b689028319d8a3180931df3bf00aa5038570239dac656b70d7e35de4
DD-WRT suffers from cross site request forgery and remote command injection vulnerabilities.
71cefeed41482f3cd8e7f0937d18ccfcff76e6e7d15e71a4d8ebe20319e20870