Debian Linux Security Advisory 3402-1 - Several vulnerabilities have been discovered in symfony, a framework to create websites and web applications.
ff3dbe67d87758463ba6a81b35d259e61d5c04ec87f0c71acbd9647d9057be87Red Hat Security Advisory 2015-2514-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on JBoss Application Server. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
75335dd065056ea1cef0c6b958cc10c427ec1190557c5bc7f6542783c250cd63KNX management software ETS version 4.1.5 build 3246 suffers from a buffer overflow vulnerability that allows for remote code execution.
26fb1ecb52a068327a64aefb6a20a38aa566c00c1c8b2378b3520c7110cdc0a6Neos CMS version 2.0.3 suffers from cross site scripting and remote shell upload vulnerabilities.
32f565a1e4aa0ba4f3cc4e6ff2e96c53df2ff5dc3c7b30ec6666056d0a5ec619The attached testcase crashes Windows 7 32-bit due to a pool buffer overflow in an ioctl handler. Enabling special on ndis.sys netio.sys and ntoskrnl helps to track down the issue, however it will crash due to a bad pool header without special pool as well.
3403491c7fbf36174b15a563987a49c4a34c9dfe661dfceec3ca982b901368adThe 3D Vision service nvSCPAPISvr.exe installed as part of typical driver installations runs at Local System and has an insecure named pipe server. One of the commands in the server can be used to set an Explorer Run key for the system which would allow a user to get code executing in the session of any other user who logs on to the same machine leading to elevation of privilege. In Windows Domain environments it would also be possible to exploit the vulnerability between machines if the attacker has access to a valid user account on one domain joined machine.
05dc63568af8d130fdd2c6b9e0a909e6ec48e67727f943ffc38e725c2e25e0c2The attached poc crashes 32-bit Windows 7 with a screen resolution of 1024x768 and 32bit color depth. The crash occurs during a memmove operation while copying the cursor content from unmapped memory. This could potentially be used by an attacker to leak kernel memory. When reproducing this issue in VMWare, it is necessary to remove VMWare tools. In QEMU the issue reproduces reliably.
4a4737c7da3e9d60d2829fc4216a2923ae3dd4946af77f8b03906129aa0fc6baThe attached testcase crashes Window 7 32-bit with Special Pool enabled on win32k.sys due to a use-after-free condition. The bug appears to be a race condition between two threads and multiple runs on the PoC might be required to trigger the bug. This is more reliable on systems with multiple cores.
98cd61cfa57d50f4a3e3d1dc2c080a9c2743333c59a9c028d17d2c5241c7bd9aThe Microsoft Windows kernel suffers from an NtUserScrollDC memory corruption vulnerability.
9c9d7819c17ae0f14fbcf5250fe9bc87ec36941d7e0e1a71bc9c128bc94d7ef8The Microsoft Windows kernel suffers from a use-after-free vulnerability with device contexts and NtGdiSelectBitmap.
f9138be83b6665e583fb9a0c2edbf82da6a8ba0567aba68654dad7c01ffa36d5MODX Login Extra versions prior to 1.9.1 suffer from a cross site scripting vulnerability.
8866751a93597637a538bf0220137db267a389e38a5051f40a3903cc78ebdc36RXTEC RXAdmin login page from UPDATE 06 / 2012 suffers from a remote SQL injection vulnerability.
940590a69e2048c5513b7eb24f981f9183f5c6fa25601b46fcf091c4812f94f5Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges.
8f7f179c0390f32c61f7e5d9ef5dff39e836b126a057fbd52f32854d89498f84Huawei HG253s V2 suffers from a remote information disclosure vulnerability.
2e2018d16f6a7f8cddf71c09432c4a1048d6e439aa44ce1118910a868470d54cDimofinf version 3.0.0 cookie SQL injection exploit.
ae127634dd77d4b81b85ee2ddebae17c44d195b88e620121ef01740d5ac84f53
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed