Macromedia Shockwave Flash Malformed Header Overflow #2 - Macromedia Flash Player versions less than 6.0.65.0 allows remote code execution via HTML email and web pages. Fix available here.
018888a6c288f72d88dd0f5fddd22ecea22e5d438947c9dabdd5059490d624a6iDEFENSE Security Advisory 12.20.02 - Microsoft"s Hotmail service contains cross site scripting vulnerabilities which allow session hijacking and arbitrary action execution.
aafa3e18425d9f046e54dc567ee2fcce025cf56610f8af6c1a137a6f802f4ecaRealNetworks Helix Universal Server v9.0 and below for Windows, FreeBSD, HP-UX, AIX, Linux, Sun Solaris 2.7 & 2.8 contains buffer overflows which can cause code to be executed as SYSTEM over tcp port 554.
b39acaf9964d4389121ef064fdeeef266502772719c45556094be1fe82988b89Common use of 'tmpwatch' utility and its counterparts triggers race conditions in many applications, sometimes allowing privilege escalation. Includes information on races, file removal, fixes, and more.
b15d4299f68a0564b2dbf1976f2695381bb7cba4b78e5f66221c135ce941492eThe Enceladus Web and FTP server suite for Windows below v3.9.11 contains a buffer overflow which allows remote command execution. More information available http://www.mollensoft.com.
bc56ff8f7fcff42ba61b72dc3e45978976994ff033fe3cee6516d6863ba75f6ePHP-Nuke v6.0 allows remote users to send email to any address on the internet by entering malformed email addresses. Patch included.
f324c19dbb506141832f85077a736850e56b7b492f689c7d1dbbcc19a71e156ePine v4.44 contains a local buffer overflow in the -x command line option.
1ef3e1c8a908d842ce87bbcf654b3e3ef0f8778d1b327a332d6955a77aa0658fCERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via malicious email message, malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.
b026b59e3f14b7596aad9085a7b4d8183bb3649a364863979123a168facb9351CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.
fc2411c6232f4bec9861e44cc3a10cda790c69eb0b22484d00b48e73b52c0febiEasy Software Products' Common Unix Printing System (CUPS) vCUPS-1.1.14-5 to 1.1.17 contains an integer overflow in the CUPSd interface which allows attackers to gain the permissions of the LP user and the sys GID. In addition, a race condition allows any file to be overwritten as root. Affected systems include Red Hat 7.3, 8.0, and OS/X 10.2.2.
7c6ba1d4608fa090e656e197e22e24c9627af18d3d3a39b6434f0b189bc7eae8The Polycom ViewStation FX set top video system allows users to change configuration of the video conferencing system. A bug introduced in the Polycom ViewStation FX Release v4.2 allows users full access to the video conferencing system including changing the admin password.
efc1399c213252cbb952cdd78a552988b8c768fd731044eb40928f453a8af4c3Smbrelay.cpp is a TCP NetBT level SMB man-in-the-middle relay attack for Windows in c++ which uses Winsock.
25be6d08cf50dae600f844fd91c3a35cfea28bd3048af0b343fac39a45b76dee
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed