AdPlug versions 2.0 and below and suffer from multiple heap and buffer overflows. Also affected are CVS versions 04 and below.
9a561711fa30bad0a6dfb33e67187555578102fba789bd2b29356ff5a300d711Kaillera versions 0.86 and below suffer from a buffer overflow that can lead to arbitrary code execution.
8d893be1b7d1bddac06b42077b6dfe562392162fb5b57efed984dfa5ff54b7e9Test exploit for Kaillera versions 0.86 and below which suffer from a buffer overflow that can lead to arbitrary code execution.
2442244fe890ba3726b5be5b0b3cac350bb06b1a50a1b00ac6e74c031a6dbbb6Sparklet versions 0.9.4try3 and below suffer from a format string vulnerability.
27c4e996e211c9cef7b6019b3b4c278d5039f5443e2a2ee00564d238aa1a115aMicrosoft Excel 2000 and 2003 exploit for WinXP SP2 French. Microsoft Excel is prone to a remote code execution issue which may be triggered when a malformed Excel document is opened. The issue is due to an error in Excel while handling malformed URL strings.
40882e8520abc41ebfdefadeb031680cce166d0d6adb096192cf1d51c831e499CMS Aura version 1.62 suffers from cross site scripting flaws.
902088be2e6a2356f53d0950c4bfff705ed575ecee46e2a0630f794c16007c59Debian Security Advisory 1104-2 - Loading malformed XML documents can cause buffer overflows in OpenOffice.org, a free office suite, and cause a denial of service or execute arbitrary code. It turned out that the correction in DSA 1104-1 was not sufficient, hence, another update.
c6319298893756fd6f1bb68402e39757063adf93ebad24721623a55f94b1d361Simple C program written to display open ports on a given host. Useful for when things like netstat and sockstat might be backdoored.
7bdd2bc0f877bcc6f227fdd9146ddde8305ddc011d929f2ce2de1fc813be58e4Ubuntu Security Notice 310-1: Marcus Meissner discovered that the winbind plugin of pppd does not check the result of the setuid() call. On systems that configure PAM limits for the maximum number of user processes and enable the winbind plugin, a local attacker could exploit this to execute the winbind NTLM authentication helper as root. Depending on the local winbind configuration, this could potentially lead to privilege escalation.
42d21cfdc0050f71eb9b237a87948f8196e4110da61297f23db2ddae90f5a4d4Ubuntu Security Notice 309-1: Several buffer overflows were found in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could overwrite an arbitrary memory portion with zeros, thereby crashing the program.
738d5cc3e24e50104089ad40ef1dd8a18a7ace061834fd035ff935cf956a6448Ubuntu Security Notice 308-1: Ilja van Sprundel discovered that passwd, when called with the -f, -g, or -s option, did not check the result of the setuid() call. On systems that configure PAM limits for the maximum number of user processes, a local attacker could exploit this to execute chfn, gpasswd, or chsh with root privileges.
56a78fb2b567d366f6743cc0814e1f70b8e509ab332097901894958e3b388c64Horde versions 3.1.1 and 3.0.10 suffer from multiple cross site scripting issues.
c12ee01c2de161a799d0c280c8d2857872ff9d822da35f1f7625ebe7a1c9b6eavbulletin version 3.5.4 is susceptible to a remote file inclusion flaw.
72846c8dadcf154eb899171c7ea4b7832c2797560842ea21d5e2408dbaa28c8aThe TTCalc script version 1.0 is susceptible to a cross site scripting flaw.
1f321ff4f20359c9de237bec78932841abe949f651396298207d9f133f71abbaMandriva Linux Security Advisory MDKSA-2006-116 - A ridiculous number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
759b312a3f455768d17a07c039ec763b62fef60c589fb1291983a5e1e0dae094LifeType version 1.0.5 remote SQL injection exploit.
7cb3dc6c234b81ecb6a1977eec55a71c40c959d192c299baa5bde267e114d3b6BLOG:CMS version 4.1.0 suffers from SQL injection and remote file inclusion flaws.
500a039d80a1cee73a5d6a739c0563f00697bacdf17741f3d8bf3ddd52506bb8sNews version 1.3 suffers from cross site scripting and SQL injection vulnerabilities.
de8016afebed4caa397edfe29156a1195bda580a6f5e970abf35d895c84ad150phpSysInfo version 2.5.1 has a remote flaw that allows for an attacker to verify if a file exists on the underlying system.
87e91a7833ecef51e46f55aa5f510504fbbd816ec1682fdfe7e2a3901d6f3f34Touch Control is susceptible to a remote file execution vulnerability.
a5cdb563932079eead91fa88877eef5639e20694b86983fbc406bc78205a4a39When Windows Explorer (explorer.exe) parses a malformed .url file it is susceptible to a denial of service.
c3856e94dae33fcecb3dd9550d99ff03a19ebbd7adf295e105b72716f12a1615Google is vulnerable to a cross site scripting attack.
de8922231afc17424f73b88b7bcba8472e6045337ba69d1aa62e9253e4b5199fShopping Cart version 0.9 is susceptible to cross site scripting attacks.
0e50a1a7aac19623aa458198e90ce54913e8f8bebf133a48cf835f259d38532eSUSE Security Announcement SUSE-SA:2006:041 - Various unspecified security problems have been fixed in Acrobat Reader version 7.0.8.
5e16b0c0b734860dd08a909b6db3bb3e949c27dceff320beee58e0ad86c8dd8cWonderEdit Pro CMS is susceptible to remote file inclusion vulnerabilities.
31531dff706169fce2a2c8802f666995e4106870e0c8ada3b6369ae0678fe468
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed