libmikmod versions 3.2.2 and below suffer from a heap overflow vulnerability.
e4f2fa017d87393fcdd9fd3af1926e26e391eb96ff0167d34f68042a40596698
Whitepaper titled "Forging HTTP Request Headers With Flash".
ea05b3536fe449fc3fedd3dda363fbd5f77eefea62b709a6e4e00a23c016c940
Modified version of the Achilles Windows Attack Tool that Microsoft claims does not demonstrate a denial of service vulnerability.
564614ac339c305d4dbfa6c62e1cd6f17eebc97d75ee17486b08afe3aedaa552
Debian Security Advisory 1124-1 - Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correctly. This might lead to the deletion of user data when displaying a postscript file.
28a8ab2c26bc78f88abfe4aa11f3466930ae816def547c9061a2d3b44acdeb09
Debian Security Advisory 1123-1 - Luigi Auriemma discovered that DUMB, a tracker music library, performs insufficient sanitising of values parsed from IT music files, which might lead to a buffer overflow and execution of arbitrary code if manipulated files are read.
8049daf9fd0613e5ac2cabd6a844ea7d8cde087b0cafc977d4c93d16f461e4c1
Check Point Firewall-1 R55W suffers from a directory traversal flaw via hex encoded strings.
9c0a6b5a637da1a84c5fc2b5cbe5eefdb1057192f42d14363af650817f0c384b
Ubuntu Security Notice 322-1 - A Denial of Service vulnerability has been reported in the replaceChild() method in KDE's DOM handler. A malicious remote web page could exploit this to cause Konqueror to crash.
92238ad599a2e708ed8a3a4b773b440b56203bc2b5f20456818c8867e272f827
Music Box version 2.3.4 is riddled with SQL injection and cross site scripting flaws.
9e0166ec540c61278d256f5f2ee491e9c8059ddefed81ec99e6788c60f945ba5
PHP Live! version 3.2 suffers from a remote file inclusion flaw.
3c66e54e187d38720ffa5d658bb86accda9b06d2390a750d8c5345c093c217fa
Slides from the PaiMei presentation given at RECON2006. PaiMei is a reverse engineering framework consisting of multiple extensible components. T
79d922cf0e59a4d205fd7c3a5de2dfe26ffd04a589e92b01772f64ecd60c715c
PaiMei is a reverse engineering framework consisting of multiple extensible components. The goal of the framework is to reduce the time from "idea" to prototype to a matter of minutes, instead of days. PaiMei is written entirely in Python and exposes at the highest level a debugger, a graph based binary abstraction and a set of utilities for accomplishing various repetitive tasks. The framework can essentially be thought of as a reverse engineer's swiss army knife and has already been proven effective for a wide range of both static and dynamic tasks such as: fuzzer assistance, code coverage tracking, data flow tracking and more.
f027a3b0b418697874b0a94638fd5384a09eea2e16778ac1bf21c0ea708b4c9a
Debian Security Advisory 1122-1 - Peter Bieringer discovered that the "log" function in the Net::Server Perl module, an extensible, general perl server engine, is not safe against format string exploits.
026c988e233a271655e771f074bf62a910589dfa6b32815a46a951c3f9bf90da
The Opsware Network Automation System (NAS) version 6.0 installs a world readable init script with the mysql root password in it.
4550be19404c759e050718b068c9b89c1a55c99e8fab5794adae7d6e43258c1b
Siemens Speedstream routers are susceptible to a denial of service condition when sent a malformed packet.
f9de422e5fc5e02225651dbbadd3d3bec8451c59341be68d36ec8f685de15501
All TippingPoint appliances with TOS versions 2.2.3.6514 and below suffer from a flaw where a malformed packet can force the appliance to fallback to layer 2 mode. In this mode the appliance forwards all traffic without inspection.
2cdf76ce77a8b1d92b80c66ba2713dcb1827621993374c4f869b6af6c113a55e
Various scripts from RadScripts, such as RadBids Gold, RadLance Gold, and RadNics Gold all suffer from a remote file inclusion vulnerability.
37bca0d4159bfbd99c25ded3f7421e10291787bf06d08f723a001e923ac4250f
Debian Security Advisory 1121-1 - Peter Bieringer discovered that postgrey, an greylisting implementation for Postfix, is vulnerable to a format string attack that allows remote attackers to the daemon.
17f31b6d3b1c1b47b1bb8b7743d69602d0196c679d20c3ff3b6df748b4695d8c
Freeciv versions 2.1.0-beta1 and below and versions SVN 15 and below suffer from memcpy crash and invalid memory access flaws.
0d93eeabdf6cf2576129c70c4877d7c1ccf923581a8fd3393d36ed24f4b1e695
Warzone Resurrection versions 2.0.3 and below and versions SNV 127 and below suffer from multiple buffer overflow vulnerabilities.
fae5b6b541dbe9c20c3a4556ba99764b8b6ad8b285d070545298adab53e52f47
Proof of concept exploit for Cheese Tracker versions 0.9.9 and below which suffer from a buffer overflow vulnerability in Loader_XM::load_instrument_internal.
d4f16a0d1bf448b328ea4fa7172dd8133fa86f779e53731854ebf766bdc834dd
Cheese Tracker versions 0.9.9 and below suffers from a buffer overflow vulnerability in Loader_XM::load_instrument_internal.
52ca47842117014347d6c0d4117805aa3857b33ccf668849194969997e1990b1
A remote file inclusion vulnerability exists in MoSpray, a component of Mambo.
2eebc92775ec3bbcfb8ec60c982f22aaaabd54251349351996cc2de8e29da988
Woltlab Burning Board suffers from multiple cookie manipulation and session fixation flaws. Versions found affected are 1.1.1, 1.2, 2.1.3, 2.1.5, 2.2, 2.2.1, and 2.2.2. Others may also be affected.
6d9eef20a9a8ec1a0b20616d1a24ce55638a3ae8133bb23607e6ed2436980daf
Vanilla CMS versions 1.0.1 and below suffer from a remote file inclusion vulnerability.
16859d04625857e31cb817f95cf005d07c8249b470d38d119deda65c34a0626d
Symantec Vulnerability Research Security Advisory SYMSA-2006-008 - Password Safe versions 2.11, 2.16, and 3.0BETA1 are susceptible to a flaw where the Lock Password Database Configuration functionality may not be enforced.
b3a6b6da4eca8b2c4e546264c82a14fc0b399f9524a727e8398e78c8b995f864