CMSimple suffers from a cross site scripting flaw.
e3a4325525739c8cf3593aec5e74a36f070cacc060a6eb0c88b877d1f04079d8Secunia Research has discovered a security issue in PC Tools AntiVirus version 2.1.0.51, which can be exploited by malicious, local users to gain escalated privileges. Successful exploitation allows execution of arbitrary commands with SYSTEM privileges.
83c92f48a356ec3bbbcc54a63e89c46fa42cdc8b58d424b520367adccacb22c9Vwar version 1.5.0 and below suffer from SQL injection and cross site scripting flaws.
15d14a06b9bcc2e848898db3aeb737ace31f508d07d6463e35a40fbf24c3d0d7HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Sendmail processing malformed multipart MIME messages. This vulnerability could potentially allow a remote unauthenticated user to cause a Denial of Service (DoS).
68f99f2177a039f4746a1b6b316fc5e24faeb27955f72abf60dea54d60ffc081HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve Series 3500yl, 6200yl, and 5400zl Switches. The vulnerability could be exploited remotely resulting in a Denial of Service (DoS).
6d901b97ccb5abb88d197bae38cbf3c521a996b0a358f1cb969f3a787610d707Technical Cyber Security Alert TA06-214A - Apple has released Security Update 2006-004 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, Mail, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypass of security restrictions and denial of service.
36aa936f9b7bd92ff79fdc176de4d2d07ef1dd1543b3c71e6e7d1fa59d5831ebUbuntu Security Notice USN-330-1 - Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application's privileges.
02e8f7a4c424124d22e17346178b9572a0ee2b0c30f9d6f5ea1a83396cac5441Debian Security Advisory 1138-1 - Carlo Contavalli discovered an integer overflow in CFS, a cryptographic filesystem, which allows local users to crash the encryption daemon.
d4f4912c27b869860408b27545b9dae1cb57283bbfc90a5c1f1aa230ff32112eDebian Security Advisory 1137-1 - Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library.
35dd59f756d92b64f5716ea63b858fac3d771b002aa63e45e87c38f2235d59eeOZJournal version 1.5 suffers from a cross site scripting vulnerability.
5d6b05c9089b7e31ee5c0bb3b6497d047c41ee4755b01ded42f8456dc95f40cdWhitepaper discussing the methodology demonstrated in the Microsoft PowerPoint 2003 SP2 exploit.
18a9798ab16576aac7dac8c0da34b42161c5b9e5254fbcaf52a8ec462748cf7fDebian Security Advisory 1136-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
5c0cf7aefc51b063845696294db059d520a282066b9b9ab668fa4ab4db46465bSecunia Research has discovered some vulnerabilities in Jetbox CMS version 2.1 SR1, which can be exploited by malicious people to conduct session fixation attacks, disclose certain system information, conduct cross-site scripting, script insertion, and SQL injection attacks, and compromise a vulnerable system.
9f04052cf29a6c2a2789c34d885d6c38cca5d32aabb96f773f141859450e1776Proof of concept exploit that takes advantage of a buffer overflow in the /server directive of mIRC versions 6.17 and below. In a default install, this does not elevate privileges.
faeff6b29609fcd7cc837a37cb26366988e997241fd67e93e33221f8b168a3f6SaveWeb Portal version 3.4 suffers from a remote file inclusion vulnerability.
e81db7ac387d0421b97e56db490615227c2fc3b7f5e86e93d7f4c85d27bc77a2MyBB versions 1.1.6 and below suffer from a cross site scripting vulnerability.
decbade3396fd427f3e0b5e781172aa75733e48225cb57c71423d38637266dd9The G3 Content Management Framework suffers from a cross site scripting flaw in its search functionality.
ed0b96675e9bb1b768f29e787bddb29303b2349d4a6b1cb18611de65d5734d18Debian Security Advisory 1135-1 - Kevin Kofler discovered several stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging library, which allows remote attackers to cause a denial of service or execute arbitrary code.
d87b6e6b510003a0b0295297cb97437a8b545dc9fdbeb523d6de1237756c66c6The Simpliciti Locked Browser interface jail can be broken out of using simple JavaScript.
31c51ec9f1335cb8936ef3d4bcd381e588378f1959fe7c6f88f870611fcf2a21Exploit for fetchmail on Mac OSX versions 10.4.7 and below on the x86 architecture.
abc8c5b9a5bc11f1d75838f33a3f66f9084ed5b0f340b4ec323a19ef3bb3c7c7Shellscript exploit for fetchmail on Mac OSX versions 10.4.7 and below.
a7bcf7de5e8c976b85f2fa9843daaa6d420c62fa3d036f99c66a984a01557bbfExploit for fetchmail on Mac OSX versions 10.4.7 and below on the PPC architecture.
8fefc8253056f33ef76e022136819d38456365ed244f5190a475b2f1a4db32edfetchmail on Mac OSX versions 10.4.7 and below suffer from an arbitrary code execution flaw.
a79a85fa9c78b353f28bab9c307f950ae95726f9619a959e9e455eb143f10992The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 are vulnerable to arbitrary file disclosure via the preview_email.cgi script.
8363029dcc673fedc8a62cebf430f37662f1cabb8e3673ab097dc0ee0fc14f0dThe Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 have a hardcoded password for the guest account in the Login.pm script.
a3fcc3dd2bedb5c6af2f3a9c0ba005f5a2e6ef2c19975142dd9f1d41ab2e55cb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed