Secunia Security Advisory - A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass certain scanning functionality.
389e7a086c68090c1bed105709bab5506c0ab87ef1c14ee200459f5d18b070ce
Secunia Security Advisory - A vulnerability has been reported in SecretSanta, which can be exploited by malicious users to bypass some security restrictions. The problem is that a new group can be created with the same name as a previously created group, which causes the administrative user of the new group to be incorrectly assigned to the previous group.
80919f7962c074e557ac17ec135275f984b63d7ab1ac17af4f25e8e20661b0a8
Secunia Security Advisory - Aaron has reported a vulnerability in iCal, which potentially can be exploited by malicious people to compromise a user's system.
8c978be524bfedbc28f079ef669a2f0be1424780f3c14801c35461d33cd961e1
Gentoo Linux Security Advisory GLSA 200411-30 - pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.
e4f94235bf496047e0941b96736112af2b446ddb21535a91517bdee5dc0ed54d
A vulnerability in Java Plugin allows an attacker to create an Applet which can disable Java's security restrictions and break out of the Java sandbox. The attack can be launched when a victim views a web page created by the attacker. Further user interaction is not required as Java Applets are normally loaded and started automatically. Versions affected are below 1.4.2_06.
3fc1aebf9c24ebd6d4a7590deec5c1bd21fa4d2e6d42b587ee39c12de45f3036
Detailed analysis and overview of the recently patched Winamp 5.05 vulnerability.
0f5de7b9ebfaf2752d6409fddc9fe0ca060c3f20c2977f51e0bb33c53aa41958
SecureCRT versions 4.1 and 4.0 suffer from flaws that allow for remote compromise due to links automatically launching the application.
23f493ba4fa09931d770c4c1e637bbc6b6dda5d8dd4f0c52a75179eeb017df5a
Cyrus IMAP server versions 2.2.8 and below suffer from several vulnerabilities that allow for remote code execution.
7d272318585dcd23335de60a53dfe23852040f2eb2bfe3c21f847207fdd71ba2
Halo: Combat Evolved versions 1.05 and below suffer from a remote denial of service vulnerability.
70dbdf7b40426f8c8a614d387f5fd305b314f39014a45e051dcf05b5374904db
Remote denial of service exploit for Halo: Combat Evolved versions 1.05 and below.
0d3cef695d9fdc47fdfd95ee798dad5deadd30a99fcef14209bc6b476fb3f98e
CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10 both suffer from an overflow that allows for arbitrary code execution. Exploit included that spawns a shell on port 5555.
c9c0e8b484d3a06402a6c82a42672cbd98ac77e8c0eda4fe6e231b78eb1cc7da
WodFtpDLX versions below 2.3.2.97 are susceptible to a classic buffer overflow attack. Denial of service exploit included.
195769a65ca00316eed591f6fcee2829057831d8d052f6c924409e82b66d029c
Prevx Home's registry and buffer overflow protection features are implemented by hooking several native APIs in kernel-space by modifying entries within the SDT ServiceTable. This means that a malicious program with Administrator privileges can disable these features by restoring the running kernel's SDT ServiceTable with direct writes to \device\physicalmemory. Verified against Prevx Home Version 1.0 Build 2.1.0.0 on WinXP SP0, SP2.
cdbe8aa011cc24d5f6c3a5f694ae3235e1744f064bd8ed4e13f8f9f7a62e832f
PHP KIT versions 1.6.03 through 1.6.1 suffer from SQL injection and cross-site scripting vulnerabilities. Demonstration exploitation included.
c1523a9e55bac436ae0076df04b931392281380687c061e2ed6cbe1a3ce97264
Gmail suffers from multiple vulnerabilities including denial of service and cross-site scripting flaws.
698272ceac4aa2ecd656a297da9f9d16d6ecacfd8a250f638aad77532a688a80
It is possible to reset a ZyXEL Prestige 650 HW router without any authentication.
a4d1db6918bceedfe9f7495d7a6ac3ec6560609a00d906f07dc41dc206aaf241
Sacred versions below 1.0.6.2 suffer from a denial of service flaw.
8a2f2388c32b4c8625142cf85960a2a8f5a5e78cbc5fab19aa74d5add1da549b
IPB Pro Arcade versions 1.x and 2.x are susceptible to SQL injection attacks. Exploitation included.
f7454942a43b8b3ffbf7722175ca2bf2521b5ec0146a700b1e8b374d7351a54e