the original cloud security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-01-28

Oracle Outside In VSDX 8.4.0 / 8.5.1 / 8.5.2 / 8.5.3 Use-After-Free
Posted Jan 28, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a use-after-free error within the vsvsdx.dll when processing PageHeight and PageWidth values of VSDX file, which can be exploited to corrupt memory via a specially crafted VSDX file. Successful exploitation may allow execution of arbitrary code. Versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.

tags | advisory, arbitrary
advisories | CVE-2017-3266
MD5 | 0711c13af8883e1a872439ce7381167c
CA Common Services casrvc Privilege Escalation
Posted Jan 28, 2017
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers about a medium risk vulnerability that may allow a local attacker to gain additional privileges with products using CA Common Services running on the AIX, HP-UX, Linux, and Solaris platforms. The vulnerability, CVE-2016-9795, occurs due to insufficient validation by the casrvc program. A local unprivileged user can exploit the vulnerability to modify arbitrary files, which can potentially allow a local attacker to gain root level access.

tags | advisory, arbitrary, local, root
systems | linux, solaris, aix, hpux
advisories | CVE-2016-9795
MD5 | c33651df09a1bf032369d8e33acf84d5
WordPress FormBuilder 1.05 Cross Site Request Forgery
Posted Jan 28, 2017
Authored by Securify B.V., Burak Kelebek

WordPress FormBuilder plugin version 1.05 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a69e1aad24d87f905f2b72d15d87e252
VirtualBox Privilege Escalation
Posted Jan 28, 2017
Authored by Wolfgang Hotwagner

VirtualBox versions prior to 5.0.32 and prior to 5.1.14 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-3316
MD5 | efabf266fc1bfe3166c49dc0824e8238
Joomla Store Locator 2.3.1.0 Cross Site Scripting
Posted Jan 28, 2017
Authored by Mojtaba MobhaM

Joomla Store Locator component version 2.3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 46dcac4e2fe71bd9125b9385a9132691
EMC Data Protection Advisor Path 6.x Path Traversal
Posted Jan 28, 2017
Site emc.com

EMC Data Protection Advisor contains a fix for a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2, 6.2.1, 6.2.2, and 6.2.3 prior to patch 446 are affected.

tags | advisory
advisories | CVE-2016-8211
MD5 | 42a898251359bd4f741b8be745ec77f9
Cordova-Android 6.1.1 Insecure Transport
Posted Jan 28, 2017
Authored by Alon Galili

Cordova-Android versions 6.1.1 and below suffer from an insecure transport vulnerability due to the Gradle Distribution URL not using HTTPS by default.

tags | advisory, web
advisories | CVE-2017-3160
MD5 | 510d02c3b4e2726449fe217324969975
EMC Documentum D2 4.5 / 4.6 DQL Injection / Cross Site Scripting
Posted Jan 28, 2017
Site emc.com

EMC Documentum versions 4.5 and 4.6 suffer from DQL injection and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2016-9872, CVE-2016-9873
MD5 | 98f1c7c4d8b3563daf6f6d13fcb0e828
EMC Data Domain DD 5.x OS Command Injection
Posted Jan 28, 2017
Site emc.com

EMC Data Domain DD OS has been updated to fix a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 5.4, 5.5 family all versions prior to 5.5.5.0, 5.6 family all versions prior to 5.6.2.0, 5.7 family all versions prior to 5.7.2.10 are affected.

tags | advisory
advisories | CVE-2016-8216
MD5 | 83e4e0371a971a7d003990024b3ffa02
Joomla JTAG Calendar 6.2.4 SQL Injection
Posted Jan 28, 2017
Authored by Mojtaba MobhaM

Joomla JTAG Calendar component version 6.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ffde45784cd9748849d80109f5f65780
RSA BSAFE Crypto-J Cryptography Failure
Posted Jan 28, 2017
Site emc.com

RSA BSAFE Crypto-J versions prior to 6.2.2 suffer from improper OCSP validation and PKCS#12 timing attack vulnerabilities.

tags | advisory, crypto, vulnerability
advisories | CVE-2016-8212, CVE-2016-8217
MD5 | 49ddf75098380770f8fc8cd1d9e75886
MRF Web Panel 9.0.1 OS Command Injection
Posted Jan 28, 2017
Authored by Filippos Mastrogiannis, Dimitrios Maragkos, Loukas Alkis

MRF Web Administration Panel (SWMS) version 9.0.1 is vulnerable to OS command injection attacks.

tags | exploit, web
advisories | CVE-2016-10043
MD5 | 84c6a68b3068ef25bd399b3da1f75f26
EMC PowerPath Management Appliance Information Disclosure
Posted Jan 28, 2017
Site emc.com

EMC PowerPath Virtual Appliance is affected by a sensitive information disclosure vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 2.0 and 2.0 SP1 are affected.

tags | advisory, info disclosure
advisories | CVE-2016-0890
MD5 | b58e787b2dfeb6ee4acce02b96b3f55a
EMC RecoverPoint Information Disclosure / Command Injection
Posted Jan 28, 2017
Site emc.com

EMC RecoverPoint versions prior to 4.4.1.1 and 5.0 suffer from information disclosure and command injection vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2016-6648, CVE-2016-6649
MD5 | a67a0f8d704b8202518dce7f2e69954f
RSA Web Threat Detection 5.x Cross Site Scripting
Posted Jan 28, 2017
Site emc.com

RSA Web Threat Detection contains fixes for a cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 5.0, 5.1, and 5.1.2 are affected.

tags | advisory, web, xss
advisories | CVE-2016-0919
MD5 | 11fcceb4fd415308eda84b5a6013a9e3
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    2 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close