Gentoo Linux Security Advisory 201402-15 - A vulnerability in Roundcube could result in arbitrary code execution, SQL injection, or reading of arbitrary files. Versions less than 0.9.5 are affected.
5be19c7fe318cdac4f395b199c65d5c4a701c798827254d2a3ea10f68f9f1b22Debian Linux Security Advisory 2860-1 - Holger Levsen discovered that parcimonie, a privacy-friendly helper to refresh a GnuPG keyring, is affected by a design problem that undermines the usefulness of this piece of software in the intended threat model.
b7bdc1b3086c40556cb5fe4377f9a93bc8b6ce87f1c3e9b394654be94bc86065Gentoo Linux Security Advisory 201402-16 - Multiple vulnerabilities have been found in FreeType, allowing context-dependent attackers to possibly execute arbitrary code or cause Denial of Service. Versions less than 2.4.11 are affected.
6381e71236e6912a4b602345bc96615a16154736eabddfc5f3cd27e51b8549f7Red Hat Security Advisory 2014-0159-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information.
d6a3d7905619dde6b0c504958abbe62c6810a747bc516cdf0188bf72df2dcb42Ubuntu Security Notice 2103-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
b76c7d8b3f16a053de40fb5f6de1b0391bcfb08ef4092a06ce7392104170ba14Mandriva Linux Security Advisory 2014-025 - The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service via crafted byte sequences. Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service via a crafted timestamp value in an XMPP message. gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service via a long URL that is examined with a tooltip. util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service via a crafted response. Various other issues were also addressed.
422e9249c13c3d4027bc7cdbcd30bc0b846985f1027544b241a99c5a280f78afApinit and aprun are utilities used to schedule tasks on Cray supercomputers. Apinit runs as a service on compute nodes and aprun is used to communicate with these nodes. The apinit service does not safely validate messages supplied to it through the use of aprun. Users of Cray systems are able to exploit this weakness in order to execute commands on the compute nodes of a Cray supercomputer as arbitrary users, including root (UID 0).
35dc2988dfa5b20f94f03cac3407ffef1d10ffa10d1fe9bd41390ba183fc8f33Open-Xchange AppSuite version 7.4.1 fails to properly neutralize javascript inserted at the header of an SVG image file.
902503927eb1161ffb0b2ded9523ac54b5ca2dc0ca6eb132a17f1234f1998415D-Link DSL 2750B router parameter changing cross site request forgery proof of concept exploit.
fdc0bc06935b3b33fa71af32a970a5a0ee2a862970df531f7dddb948240a9521FreePBX 2.x suffers from a remote PHP code execution vulnerability due to a poor file validation methodology.
20c5cc704d10be24460de25cdb7eff337ee9976184e28a9640960869ae57d7d7This Metasploit module abuses the kxClientDownload.ocx ActiveX control distributed with WellingTech KingScada. The ProjectURL property can be abused to download and load arbitrary DLLs from arbitrary locations, leading to arbitrary code execution, because of a dangerous usage of LoadLibrary. Due to the nature of the vulnerability, this module will work only when Protected Mode is not present or not enabled.
ad47b03cb77be889b47d699cea4b847b22b73010c94c1218576856423018df63This Metasploit module executes Powershell to upgrade a Windows Shell session to a full Meterpreter session.
77f33a93fab9dec0bfbe6f0a7ddb463203a9de47dd740a64deea3ff1282ff494This Metasploit module exploits a vulnerability in win32k.sys where under specific conditions TrackPopupMenuEx will pass a NULL pointer to the MNEndMenuState procedure. This Metasploit module has been tested successfully on Windows 7 SP0 and Windows 7 SP1.
181f4cfbdc09dfbd74b82a9c5495d3a4978f7ba84e532a43bc1638ebaee3ad62This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Kloxo, as exploited in the wild on January 2014. The SQL injection issue can be abused in order to retrieve the Kloxo admin cleartext password from the database. With admin access to the web control panel, remote PHP code execution can be achieved by abusing the Command Center function. The module tries to find the first server in the tree view, unless the server information is provided, in which case it executes the payload there.
5d8f6cae432196f23f39042e208a9497a1b9380d5de6691ea87d95bd4cffc35bTableau server suffers from a remote blind SQL injection vulnerability. Versions 8.1.X before 8.1.2 and 8.0.X before 8.0.7 are affected.
ebf6b43d894838fe1a6ca916802d8cfcb730ad9a2026321cedbb90facb145ccdTitan FTP server version 10.32 Build 1816 suffers from multiple directory traversal vulnerabilities.
ad132145c900e18a6160d6e6bc4f09d22483fb708a41e244c6b8db6f8d8e046cSymantec Web Gateway version 5.1.1.24 suffers from reflective cross site scripting vulnerabilities.
75211bed40ca813a6ffcfbf3ded066408f28136ccee35261124f78ebb48d981a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed